Amazon CLF-C02 Online Practice Questions and Exam Preparation

Amazon CLF-C02 Online Questions & Answers

• Question 461:

  Which AWS service can be used to send alerts when a specific Amazon CloudWatch alarm is invoked?

  A. AWS CloudTrail
  B. Amazon Simple Notification Service (Amazon SNS)
  C. Amazon Simple Queue Service (Amazon SQS)
  D. Amazon EventBridge
  B. Amazon Simple Notification Service (Amazon SNS)

  ---

  Explanation

• Question 462:

  A company wants to receive a notification when a specific AWS cost threshold is reached.

  Which AWS services or tools can the company use to meet this requirement? (Choose two.)

  A. Amazon Simple Queue Service (Amazon SQS)
  B. AWS Budgets
  C. Cost Explorer
  D. Amazon CloudWatch
  E. AWS Cost and Usage Report
  B. AWS Budgets
  D. Amazon CloudWatch

  ---

  Explanation

  AWS Budgets and Amazon CloudWatch are two AWS services or tools that the company can use to receive a notification when a specific AWS cost threshold is reached. AWS Budgets allows users to set custom budgets to track their costs and usage, and respond quickly to alerts received from email or Amazon Simple Notification Service (Amazon SNS) notifications if they exceed their threshold. Users can create cost budgets with fixed or variable target amounts, and configure their notifications for actual or forecasted spend. Users can also set up custom actions to run automatically or through an approval process when a budget target is exceeded. For example, users could automatically apply a custom IAM policy that denies them the ability to provision additional resources within an account. Amazon CloudWatch is a service that monitors applications, responds to performance changes, optimizes resource use, and provides insights into operational health. Users can use CloudWatch to collect and track metrics, which are variables they can measure for their resources and applications. Users can create alarms that watch metrics and send notifications or automatically make changes to the resources they are monitoring when a threshold is breached. Users can use CloudWatch to monitor their AWS costs and usage by creating billing alarms that send notifications when their estimated charges exceed a specified threshold amount. Users can also use CloudWatch to monitor their Reserved Instance (RI) or Savings Plans utilization and coverage, and receive notifications when they fall below a certain level.

• Question 463:

  When designing AWS workloads to be operational even when there are component failures, what is an AWS best practice?

  A. Perform quarterly disaster recovery tests.
  B. Place the main component on the us-east-1 Region.
  C. Design for automatic failover to healthy resources.
  D. Design workloads to fit on a single Amazon EC2 instance.
  C. Design for automatic failover to healthy resources.

  ---

  Explanation

  Designing for automatic failover to healthy resources is an AWS best practice when designing AWS workloads to be operational even when there are component failures. This means that you should architect your system to handle the loss of one or more components without impacting the availability or performance of your application. You can use various AWS services and features to achieve this, such as Auto Scaling, Elastic Load Balancing, Amazon Route 53, Amazon CloudFormation, and AWS CloudFormation4.

• Question 464:

  A company needs a threat detection service that will continuously monitor its AWS accounts, workloads, and Amazon S3 buckets for malicious activity and unauthorized behavior.

  Which AWS service meets these requirements?

  A. AWS Shield
  B. AWS Firewall Manager
  C. Amazon GuardDuty
  D. Amazon Inspector
  C. Amazon GuardDuty

  ---

  Explanation

• Question 465:

  Which Reserved Instance (Rl) provides the HIGHEST average cost savings compared to an On-Demand Instance?

  A. 1-year. No Upfront. Standard Rl
  B. 1-year. All Upfront. Convertible Rl
  C. 3-year. All Upfront, Standard Rl
  D. 3-year. No Upfront. Convertible Rl
  C. 3-year. All Upfront, Standard Rl

  ---

  Explanation

  https://aws.amazon.com/ec2/pricing/reserved-instances/pricing/

• Question 466:

  How does the AWS global infrastructure offer high availability and fault tolerance lo its users?

  A. The AWS infrastructure is made up of multiple AWS Regions within various Availability Zones located in areas that have low flood risk and are interconnected with low-latency networks and redundant power supplies
  B. The AWS infrastructure consists of subnets containing various Availability Zones with multiple data centers located in the same geographic location
  C. AWS allows users to choose AWS Regions and data centers so that users can select the closest data centers in different Regions
  D. The AWS infrastructure consists of isolated AWS Regions with independent Availability Zones that ate connected with low-latency networking and redundant power supplies
  D. The AWS infrastructure consists of isolated AWS Regions with independent Availability Zones that ate connected with low-latency networking and redundant power supplies

  ---

  Explanation

• Question 467:

  Using AWS Identity and Access Management (IAM) to grant access only to the resources needed to perform a task is a concept known as:

  A. restricted access.
  B. as-needed access.
  C. least privilege access.
  D. token access.
  C. least privilege access.

  ---

  Explanation

  The concept of granting access only to the resources needed to perform a task is known as least privilege access. This is a security best practice in IAM that helps to reduce the risk of unauthorized or malicious actions. By applying least privilege access, you can limit the permissions of your IAM users, groups, and roles to the minimum required for their specific tasks. You can also use conditions, permissions boundaries, and IAM Access Analyzer to further restrict and verify access.

• Question 468:

  Which AWS service or tool gives a company the ability to release application changes in an automated way?

  A. Amazon AppFlow
  B. AWS CodeDeploy
  C. AWS PrivateLink
  D. Amazon EKS Distro
  B. AWS CodeDeploy

  ---

  Explanation

  AWS CodeDeploy is a fully managed deployment service that automates software deployments to a variety of compute services such as Amazon EC2, AWS Lambda, and on-premises servers. CodeDeploy makes it easy to release new

  features, helps avoid downtime during application deployment, and handles the complexity of updating applications in a scalable and reliable manner.

  Why other options are not suitable:

  A. Amazon AppFlow: A service to automate data flows between AWS and SaaS applications, not for application deployment.

  C. AWS PrivateLink: A service to securely access AWS services from your virtual private cloud (VPC), not related to application deployments.

  D. Amazon EKS Distro: A Kubernetes distribution for running Kubernetes clusters, not specifically designed for automated deployments.

  References:

  AWS CodeDeploy Documentation

• Question 469:

  Which characteristic of the AWS Cloud helps users eliminate underutilized CPU capacity?

  A. Agility
  B. Elasticity
  C. Reliability
  D. Durability
  B. Elasticity

  ---

  Explanation

  Elasticity is a characteristic of the AWS Cloud that helps users eliminate underutilized CPU capacity. Elasticity refers to the ability to dynamically provision and de- provision computing resources as per demand, ensuring that the application or service always has the required resources to operate efficiently. Elasticity helps users optimize performance and costs, as they only pay for the resources they use and avoid wasting resources when the demand is low.

• Question 470:

  A company is choosing an AWS Support plan. The company needs the ability to contact cloud support engineers by phone, email, and chat 24 hours a day, 7 days a week.

  What is the LEAST expensive AWS Support plan that meets these requirements?

  A. AWS Basic Support
  B. AWS Developer Support
  C. AWS Business Support
  D. AWS Enterprise Support
  C. AWS Business Support

  ---

  Explanation

  https://aws.amazon.com/premiumsupport/plans/