Amazon CLF-C02 Online Practice Questions and Exam Preparation

Amazon CLF-C02 Online Questions & Answers

• Question 571:

  A company is configuring its AWS Cloud environment. The company's administrators need to group users together and apply permissions to the group.

  Which AWS service or feature can the company use to meet these requirements?

  A. AWS Organizations
  B. Resource groups
  C. Resource tagging
  D. AWS Identity and Access Management (IAM)
  D. AWS Identity and Access Management (IAM)

  ---

  Explanation

  The AWS service or feature that the company can use to group users together and apply permissions to the group is AWS Identity and Access Management (IAM). AWS IAM is a service that enables users to create and manage users, groups, roles, and permissions for AWS services and resources. Users can use IAM groups to organize multiple users that have similar access requirements, and attach policies to the groups that define the permissions for the users in the group. This simplifies the management and administration of user access

• Question 572:

  Which AWS service or tool provides on-demand access to AWS security and compliance reports and AWS online agreements?

  A. AWS Artifact
  B. AWS Trusted Advisor
  C. Amazon Inspector
  D. AWS Billing console
  A. AWS Artifact

  ---

  Explanation

  AWS Artifact is the AWS service or tool that provides on-demand access to AWS security and compliance reports and AWS online agreements. AWS Trusted Advisor is a tool that provides real-time guidance to help users provision their resources following AWS best practices. Amazon Inspector is a service that helps users improve the security and compliance of their applications. AWS Billing console is a tool that helps users manage their AWS costs and usage. These concepts are explained in the AWS Cloud Practitioner Essentials course3.

• Question 573:

  A company is considering implementing a new workload m the AWS Cloud However, the company first wants to forecast the potential cost.

  Which tool should the company use to estimate the cost of the workload?

  A. Cost Explorer
  B. AWS Pricing Calculator
  C. AWS Billing and Cost Management dashboard
  D. AWS Cost and Usage Report
  B. AWS Pricing Calculator

  ---

  Explanation

• Question 574:

  Which AWS service provides storage that can be mounted across multiple Amazon EC2 instances?

  A. Amazon Workspaces
  B. Amazon Elastic File System (Amazon EFS)
  C. AWS Database Migration Service (AWS DMS)
  D. AWS Snowball Edge
  B. Amazon Elastic File System (Amazon EFS)

  ---

  Explanation

  Amazon EFS is a fully managed service that provides scalable and elastic file storage for multiple Amazon EC2 instances. Amazon EFS supports the Network File System (NFS) protocol, which allows multiple EC2 instances to access the same file system concurrently. You can learn more about Amazon EFS from this webpage or this digital course.

• Question 575:

  Which AWS Cloud benefit gives a company the ability to quickly deploy cloud resources to access compute, storage, and database infrastructures in a matter of minutes?

  A. Elasticity
  B. Cost savings
  C. Agility
  D. Reliability
  C. Agility

  ---

  Explanation

  Agility is the AWS Cloud benefit that gives a company the ability to quickly deploy cloud resources to access compute, storage, and database infrastructures in a matter of minutes. Agility means that you can reduce the time to make IT

  resources available to your developers from weeks to just minutes, resulting in a dramatic increase in innovation and responsiveness. AWS provides a range of services and tools that enable you to launch, scale, and manage your cloud

  applications with ease and speed, such as AWS CloudFormation, AWS Elastic Beanstalk, AWS CodeDeploy, and AWS Quick Starts.

  References:

  Six advantages of cloud computing - Overview of Amazon Web Services [AWS CloudFormation]

  [AWS Elastic Beanstalk]

  [AWS CodeDeploy]

  AWS Quick Starts

• Question 576:

  Which activity is a customer responsibility in the AWS Cloud according to the AWS shared responsibility model?

  A. Ensuring network connectivity from AWS to the internet
  B. Patching and fixing flaws within the AWS Cloud infrastructure
  C. Ensuring the physical security of cloud data centers
  D. Ensuring Amazon EBS volumes are backed up
  D. Ensuring Amazon EBS volumes are backed up

  ---

  Explanation

  The AWS shared responsibility model describes how AWS and the customer share responsibility for security and compliance of the AWS environment. AWS is responsible for the security of the cloud, which includes the physical security of AWS facilities, the infrastructure, hardware, software, and networking that run AWS services. The customer is responsible for security in the cloud, which includes the configuration of security groups, the encryption of customer data on AWS, the management of AWS Lambda infrastructure, and the management of network throughput of each AWS Region. One of the customer responsibilities is to ensure that Amazon EBS volumes are backed up.

• Question 577:

  A system automatically recovers from failure when a company launches its workload on the AWS Cloud services platform.

  Which pillar of the AWS Well-Architected Framework does this situation demonstrate?

  A. Reliability
  B. Cost optimization
  C. Performance efficiency
  D. Operational excellence.
  A. Reliability

  ---

  Explanation

  In AWS, various services and features, such as Auto Scaling, Amazon RDS Multi-AZ, and Amazon S3 versioning, contribute to improving the reliability of workloads by automatically recovering from failures and maintaining high availability. By leveraging these AWS services, companies can design and build applications that are fault-tolerant and resilient to outages and disruptions.

• Question 578:

  How does AWS Cloud computing help businesses reduce costs? (Select TWO.)

  A. AWS changes the name prices for servicers in every AWS Region.
  B. AWS enables capacity in be adjusted un demand.
  C. AWS offers discounts tor Amazon LC2 instances that remain Idle tor more man 1 week.
  D. AWS does not charge for data sent from the AWS Cloud to the internet.
  E. AWS eliminates many of the costs of building and maintaining on-premises data centers.
  B. AWS enables capacity in be adjusted un demand.
  E. AWS eliminates many of the costs of building and maintaining on-premises data centers.

  ---

  Explanation

• Question 579:

  Which task can a company perform by using security groups in the AWS Cloud?

  A. Allow access to an Amazon EC2 instance through only a specific port.
  B. Deny access to malicious IP addresses at a subnet level.
  C. Protect data that is cached by Amazon CloudFront.
  D. Apply a stateless firewall to an Amazon EC2 instance.
  A. Allow access to an Amazon EC2 instance through only a specific port.

  ---

  Explanation

  Security groups are virtual firewalls that control the inbound and outbound traffic for Amazon EC2 instances. They can be used to allow access to an Amazon EC2 instance through only a specific port, such as port 22 for SSH or port 80 for HTTP. Security groups cannot deny access to malicious IP addresses at a subnet level, as they only allow or deny traffic based on the rules defined by the customer. To block malicious IP addresses, customers can use network ACLs, which are stateless firewalls that can be applied to subnets. Security groups cannot protect data that is cached by Amazon CloudFront, as they only apply to EC2 instances. To protect data that is cached by Amazon CloudFront, customers can use encryption, signed URLs, or signed cookies. Security groups are not stateless firewalls, as they track the state of the traffic and automatically allow the response traffic to flow back to the source. Stateless firewalls do not track the state of the traffic and require rules for both inbound and outbound traffic.

• Question 580:

  Which AWS service meets this requirement?

  A. AWS CloudFormation
  B. AWS Elastic Beanstalk
  C. AWS Cloud9
  D. AWS CloudShell
  A. AWS CloudFormation

  ---

  Explanation

  AWS CloudFormation is a service that gives developers and businesses an easy way to create a collection of related AWS and third-party resources, and provision and manage them in an orderly and predictable fashion. You can use AWS CloudFormation's sample templates or create your own templates to describe the AWS and third-party resources, and any associated dependencies or runtime parameters, required to run your application.