clf-c02 7
Uploaded by
jodypark201clf-c02 7
Uploaded by
jodypark201Recommend!!
Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
Amazon-Web-Services
Exam Questions CLF-C02
AWS Certified Cloud Practitioner
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
NEW QUESTION 1
- (Exam Topic 1)
Which of the following are aspects of the AWS shared responsibility model? (Select TWO.)
A. Configuration management of infrastructure devices is the customer’s responsibility.
B. For Amazon S3, AWS operates the infrastructure layer, the operating systems, and the platforms.
C. AWS is responsible for protecting the physical cloud infrastructure.
D. AWS is responsible for training the customer’s employees on AWS products and services.
E. For Amazon EC2, AWS is responsible for maintaining the guest operating system.
Answer: AC
Explanation:
AWS responsibility “Security of the Cloud” - AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud. This
infrastructure is composed of the hardware, software, networking, and facilities that run AWS Cloud services.
Customer responsibility “Security in the Cloud” – Customer responsibility will be determined by the AWS Cloud services that a customer selects. This determines
the amount of configuration work the customer must perform as part of their security responsibilities. For example, a service such as Amazon Elastic Compute
Cloud (Amazon EC2) is categorized as Infrastructure as a Service (IaaS) and, as such, requires the customer to perform all of the necessary security configuration
and management tasks. Customers that deploy an Amazon EC2 instance are responsible for management of the guest operating system (including updates and
security patches), any application software or utilities installed by the customer on the instances, and the configuration of the AWS-provided firewall (called a
security group) on each instance. For abstracted services, such as Amazon S3 and Amazon DynamoDB, AWS operates the infrastructure layer, the operating
system, and platforms, and customers access the endpoints to store and retrieve data. Customers are responsible for managing their data (including encryption
options), classifying their assets, and using IAM tools to apply the appropriate permissions.
Shared_Responsibility_Model_V2
NEW QUESTION 2
- (Exam Topic 1)
Which AWS service allows for file sharing between multiple Amazon EC2 instances?
A. AWS Direct Connect
B. AWS Snowball Edge
C. AWS Backup
D. Amazon Elastic File System (Amazon EFS)
Answer: D
Explanation:
Amazon EFS provides shared file storage for use with compute instances in the AWS Cloud and on-premises servers. Applications that require shared file access
can use Amazon EFS for reliable file storage delivering high aggregate throughput to thousands of clients simultaneously.
NEW QUESTION 3
- (Exam Topic 1)
A company is considering a migration from on premises to the AWS Cloud. The company’s IT team needs to offload support of the workload. What should the IT
team do to accomplish this goal?
A. Use AWS Managed Services to provision, run, and support the company infrastructure.
B. Build hardware refreshes into the operational calendar to ensure availability.
C. Use Amazon Elastic Container Service (Amazon ECS) on Amazon EC2 instances.
D. Overprovision compute capacity for seasonal events and traffic spikes to prevent downtime.
Answer: A
NEW QUESTION 4
- (Exam Topic 1)
A company wants to use a template to reliably provision, manage, and update its infrastructure in the AWS Cloud. Which AWS service will meet these
requirements?
A. AWS Lambda
B. AWS CloudFormation
C. AWS Fargate
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
D. AWS CodeDeploy
Answer: B
NEW QUESTION 5
- (Exam Topic 1)
A user has been granted permission to change their own IAM user password. Which AWS services can the user use to change the password? (Select TWO.)
A. AWS Command Line Interface (AWS CLI)
B. AWS Key Management Service (AWS KMS)
C. AWS Management Console
D. AWS Resource Access Manager (AWS RAM)
E. AWS Secrets Manager
Answer: AC
NEW QUESTION 6
- (Exam Topic 1)
A developer is working on enhancing applications at AWS. The developer needs a service that can securely host GitHub-based code, repositories, and version
controls. Which AWS service should the developer use?
A. AWS CodeStar
B. Amazon CodeGuru
C. AWS CodeCommit
D. AWS CodePipeline
Answer: C
NEW QUESTION 7
- (Exam Topic 1)
Which databases are available on Amazon RDS? (Select TWO.)
A. Sybase
B. Microsoft SQL Server
C. IBM Db2
D. MongoDB
E. PostgreSQL
Answer: BE
NEW QUESTION 8
- (Exam Topic 1)
A company is using AWS Lambda. Which task is the company’s responsibility, according to the AWS shared responsibility model?
A. Update the Lambda runtime language.
B. Maintain the runtime environment.
C. Maintain the networking infrastructure.
D. Configure the resource.
Answer: A
Explanation:
https://aws.amazon.com/lambda/security-overview-of-aws-lambda/ When customers use AWS Lambda, AWS manages the underlying infrastructure and
foundation services, the operating system, and the application platform. Customers themselves are responsible for the security of their code, the storage and
accessibility of sensitive data, and identity and access management (IAM) to the Lambda service and within their function.
NEW QUESTION 9
- (Exam Topic 1)
Which cloud computing benefit does AWS demonstrate with its ability to offer lower variable costs as a result of high purchase volumes?
A. Pay-as-you-go pricing
B. High availability
C. Global reach
D. Economies of scale
Answer: D
NEW QUESTION 10
- (Exam Topic 1)
A company runs a web application on Amazon EC2 instances. The application must run constantly and is expected to run indefinitely without interruption.
Which EC2 instance purchasing options will meet these requirements MOST cost-effectively? (Select TWO.)
A. On-Demand Instances
B. Spot Instances.
C. Reserved Instances
D. Savings Plans
E. Dedicated Hosts
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
Answer: CD
Explanation:
Amazon EC2 provides the following purchasing options to enable you to optimize your costs based on your needs:
*On-Demand Instances – Pay, by the second, for the instances that you launch.
*Savings Plans – Reduce your Amazon EC2 costs by making a commitment to a consistent amount of usage, in USD per hour, for a term of 1 or 3 years.
*Reserved Instances – Reduce your Amazon EC2 costs by making a commitment to a consistent instance configuration, including instance type and Region, for a
term of 1 or 3 years.
*Spot Instances – Request unused EC2 instances, which can reduce your Amazon EC2 costs significantly.
*Dedicated Hosts – Pay for a physical host that is fully dedicated to running your instances, and bring your existing per-socket, per-core, or per-VM software
licenses to reduce costs.
*Dedicated Instances – Pay, by the hour, for instances that run on single-tenant hardware.
*Capacity Reservations – Reserve capacity for your EC2 instances in a specific Availability Zone for any duration.
If you require a capacity reservation, purchase Reserved Instances or Capacity Reservations for a specific Availability Zone. Spot Instances are a cost-effective
choice if you can be flexible about when your applications run and if they can be interrupted. Dedicated Hosts or Dedicated Instances can help you address
compliance requirements and reduce costs by using your existing server-bound software licenses.
NEW QUESTION 10
- (Exam Topic 1)
Which AWS service offers threat detection and continuously monitors for malicious activity and unauthorized behavior in AWS accounts?
A. Amazon Made
B. AWS Config
C. Amazon GuardDuty
D. Amazon Inspector
Answer: C
NEW QUESTION 13
- (Exam Topic 1)
Which tasks are responsibilities of AWS, according to the AWS shared responsibility model? (Select TWO.)
A. Encrypt client-side data and authenticate data integrity.
B. Manage customer data.
C. Perform identity and access management.
D. Provide physical security for Availability Zones.
E. Patch the operating system of Amazon S3
Answer: AD
NEW QUESTION 17
- (Exam Topic 1)
Which of the following are characteristics of a serverless application that runs in the AWS Cloud? (Select TWO.)
A. Users must manually configure Amazon EC2 instances.
B. Users have a choice of operating systems.
C. The application has built-in fault tolerance.
D. Users can run Amazon EC2 Spot Instances.
E. The application can scale based on demand.
Answer: CE
NEW QUESTION 19
- (Exam Topic 1)
Which tasks require use of the AWS account root user? (Select TWO.)
A. Changing an AWS Support plan
B. Modifying an Amazon EC2 instance type
C. Grouping resources in AWS Systems Manager
D. Running applications in Amazon Elastic Kubernetes Service (Amazon EKS)
E. Closing an AWS account
Answer: AE
NEW QUESTION 24
- (Exam Topic 1)
An ecommerce company has migrated its IT infrastructure from an on-premises data center to the AWS Cloud. Which cost is the company's direct responsibility?
A. Cost of application software licenses
B. Cost of the hardware infrastructure on AWS
C. Cost of power for the AWS servers
D. Cost of physical security for the AWS data center
Answer: A
NEW QUESTION 28
- (Exam Topic 1)
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
Which pillar of the AWS Well-Architected Framework includes the continual improvement of processes and procedures as a priority?
A. Cost optimization
B. Reliability
C. Performance efficiency
D. Operational excellence
Answer: B
NEW QUESTION 33
- (Exam Topic 1)
A company is running an Amazon EC2 instance in a VPC.
Which of the following can the company use to route and filter incoming network requests for the EC2 instance?
A. Route tables and web application firewalls
B. Security groups and route tables
C. Security groups and a network intrusion system
D. Route tables and AWS Shield
Answer: B
NEW QUESTION 36
- (Exam Topic 1)
What is the customer ALWAYS responsible for managing, according to the AWS shared responsibility model?
A. Software licenses
B. Networking
C. Customer data
D. Encryption keys
Answer: C
NEW QUESTION 37
- (Exam Topic 1)
A company is moving its virtual machines (VMs) from an on-premises environment to the AWS Cloud. The company plans to deploy Amazon EC2 instances.
Which cloud computing model will the company use in this scenario?
A. Platform as a service (PaaS)
B. Infrastructure as a service (laaS)
C. Function as a service (FaaS)
D. Software as a service (SaaS)
Answer: B
NEW QUESTION 42
- (Exam Topic 1)
A company runs applications that process credit card information. Auditors have asked if the AWS environment has changed since the previous audit. If the AWS
environment has changed, the auditors want to know how it has changed. Which AWS services can provide this information? (Select TWO.)
A. AWS Artifact
B. AWS Trusted Advisor
C. AWS Config
D. AWS Cloud Trail
E. AWS Identity and Access Management (IAM)
Answer: CD
Explanation:
AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS' security and compliance
reports and select online agreements.
AWS Trusted Advisor provides recommendations that help you follow AWS best practices. Trusted Advisor evaluates your account by using checks. These checks
identify ways to optimize your AWS infrastructure, improve security and performance, reduce costs, and monitor service quotas.
AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. Config continuously monitors and records your
AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations.
AWS CloudTrail enables auditing, security monitoring, and operational troubleshooting by tracking user activity and API usage. CloudTrail logs, continuously
monitors, and retains account activity related to actions across your AWS infrastructure, giving you control over storage, analysis, and remediation actions.
AWS Identity and Access Management (IAM) provides fine-grained access control across all of AWS. With IAM, you can specify who can access which services
and resources, and under which conditions. With IAM policies, you manage permissions to your workforce and systems to ensure least-privilege permissions.
NEW QUESTION 46
- (Exam Topic 1)
Which Amazon S3 feature or storage class uses the AWS backbone network and edge locations to reduce latencies from the end user to Amazon S3?
A. S3 Cross-Region Replication
B. S3 Transfer Acceleration
C. S3 Event Notifications
D. S3 Standard-Infrequent Access (S3 Standard-IA)
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
Answer: B
Explanation:
S3TA improves transfer performance by routing traffic through Amazon CloudFront's globally distributed Edge Locations and over AWS backbone networks, and
by using network protocol optimizations.
NEW QUESTION 50
- (Exam Topic 1)
Which AWS service or tool lists all the users in an account and reports on the status of account details, including passwords, access keys, and multi-factor
authentication (MFA) devices?
A. WS Shield
B. AWS Trusted Advisor
C. Amazon Inspector
D. IAM credential report
Answer: D
Explanation:
You can generate and download a credential report
that lists all users in your account and the status of their
various credentials, including passwords, access keys, and MFA devices. You can get a credential report from the AWS Management Console, the AWS SDKs
and Command Line Tools , or the IAM API.
NEW QUESTION 55
- (Exam Topic 1)
A company needs to use machine learning and pattern matching to identify and protect sensitive data that the company stores in the AWS Cloud.
Which AWS service will meet these requirements?
A. Amazon Inspector
B. Amazon Macie
C. Amazon GuardDuty
D. AWS Audit Manager
Answer: B
Explanation:
Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive
data in AWS.
NEW QUESTION 58
- (Exam Topic 1)
Which AWS service provides an isolated virtual network to connect AWS services and resources?
A. Amazon EC2
B. Amazon DynamoDB
C. Amazon Lightsail
D. Amazon VPC
Answer: D
Explanation:
Amazon Virtual Private Cloud (Amazon VPC) enables you to launch AWS resources into a virtual network that you've defined. This virtual network closely
resembles a traditional network that you'd operate in your own data center, with the benefits of using the scalable infrastructure of AWS.
NEW QUESTION 61
- (Exam Topic 1)
A company requires an isolated environment within AWS for security purposes. Which action can be taken to accomplish this?
A. Create a separate Availability Zone to host the resources.
B. Create a separate VPC to host the resources.
C. Create a placement group to host the resources.
D. Create an AWS Direct Connect connection between the company and AWS.
Answer: B
Explanation:
Network isolation A virtual private cloud (VPC) is a virtual network in your own logically isolated area in the AWS Cloud. Use separate VPCs to isolate
infrastructure by workload or organizational entity. A subnet is a range of IP addresses in a VPC. When you launch an instance, you launch it into a subnet in your
VPC. Use subnets to isolate the tiers of your application (for example, web, application, and database) within a single VPC. Use private subnets for your instances
if they should not be accessed directly from the internet. To call the Amazon EC2 API from your VPC without sending traffic over the public internet, use AWS
PrivateLink. https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/infrastructure-security.html
NEW QUESTION 65
- (Exam Topic 1)
A company wants to secure its consumer web application by using SSL/TLS to encrypt traffic. Which AWS service can the company use to meet this goal?
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
A. AWS WAF
B. AWS Shield
C. Amazon VPC
D. AWS Certificate Manager (ACM)
Answer: D
Explanation:
To enable HTTPS connections to your website or application in AWS, you need an SSL/TLS server certificate. For certificates in a Region supported by AWS
Certificate Manager (ACM), we recommend that you use ACM to provision, manage, and deploy your server certificates.
NEW QUESTION 70
- (Exam Topic 1)
Which AWS services provide high availability across multiple Availability Zones by default? (Select TWO.)
A. Amazon EC2
B. Amazon Elastic Block Store (Amazon EBS)
C. Amazon Elastic File System (Amazon EFS)
D. Amazon Redshift
E. Amazon S3
Answer: BD
NEW QUESTION 73
- (Exam Topic 1)
Which of the following is a way to use Amazon EC2 Auto Scaling groups to scale capacity in the AWS Cloud?
A. Scale the number of EC2 instances in or out automatically, based on demand.
B. Use serverless EC2 instances.
C. Scale the size of EC2 instances up or down automatically, based on demand.
D. Transfer unused CPU resources between EC2 instances.
Answer: A
NEW QUESTION 76
- (Exam Topic 1)
A company needs to audit its AWS resources. The company must document any changes that have been made to the resources. Which AWS service will meet
these requirements?
A. AWS Artifact
B. AWS Config
C. Amazon Inspector
D. Amazon CloudWatch
Answer: B
NEW QUESTION 78
- (Exam Topic 1)
A company needs to design an AWS disaster recovery plan to cover multiple geographic areas. Which action will meet this requirement?
A. Configure multiple AWS accounts.
B. Configure the architecture across multiple Availability Zones in an AWS Region.
C. Configure the architecture across multiple AWS Regions.
D. Configure the architecture among many edge locations.
Answer: C
NEW QUESTION 80
- (Exam Topic 1)
A company needs to perform data processing once a week that typically takes about 5 hours to complete. Which AWS service should the company use for this
workload?
A. AWS Lambda
B. Amazon EC2
C. AWS CodeDeploy
D. AWS Wavelength
Answer: A
NEW QUESTION 81
- (Exam Topic 1)
Which AWS service enables the decoupling and scaling of applications?
A. Amazon Simple Queue Service (Amazon SQS)
B. AWS Outposts
C. Amazon S3
D. Amazon Simple Email Service (Amazon SES)
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
Answer: A
Explanation:
Amazon Simple Queue Service (SQS) is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems,
and serverless applications.
NEW QUESTION 84
- (Exam Topic 1)
Which Reserved Instance (Rl) provides the HIGHEST average cost savings compared to an On-Demand Instance?
A. 1-yea
B. No Upfron
C. Standard Rl
D. 1-yea
E. All Upfron
F. Convertible Rl
G. 3-yea
H. All Upfront, Standard Rl
I. 3-yea
J. No Upfron
K. Convertible Rl
Answer: C
Explanation:
https://aws.amazon.com/ec2/pricing/reserved-instances/pricing/
NEW QUESTION 85
- (Exam Topic 1)
A company needs to report on events that involve the specific AWS services that the company uses.
Which AWS service or resource can the company use with Amazon CloudWatch to meet this requirement?
A. Amazon Inspector
B. AWS Personal Health Dashboard
C. AWS Trusted Advisor
D. AWS Cloud Trail logs
Answer: B
NEW QUESTION 86
- (Exam Topic 1)
A company needs an AWS Support plan that provides programmatic case management through the AWS Support API.
Which support plan will meet this requirement MOST cost-effectively?
A. AWS Business Support
B. AWS Basic Support
C. AWS Developer Support
D. AWS Enterprise Support
Answer: B
NEW QUESTION 87
- (Exam Topic 1)
Which AWS services can use AWS WAF to protect against common web exploitations? (Select TWO.)
A. Amazon Route 53
B. Amazon CloudFront
C. AWS Transfer Family
D. AWS Site-to-Site VPN
E. Amazon API Gateway
Answer: BE
Explanation:
AWS WAF can be deployed on Amazon CloudFront, the Application Load Balancer (ALB), Amazon API Gateway, and AWS AppSync. As part of Amazon
CloudFront it can be part of your Content Distribution Network (CDN) protecting your resources and content at the Edge locations.
NEW QUESTION 91
- (Exam Topic 1)
A company is using Amazon RDS.
Which task is the company's responsibility, according to the AWS shared responsibility model?
A. Apply encryption options for the database.
B. Manage the underlying server hardware on which Amazon RDS runs.
C. Apply patches to the underlying operating system.
D. Apply minor patches to the database.
Answer:
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
NEW QUESTION 94
- (Exam Topic 1)
A company's system administrator discovers that someone logged in to the company's AWS account during the weekend and terminated an Amazon EC2 instance
Which AWS service should the system administrator use to identify who made this change?
A. Amazon Inspector
B. Amazon Pinpoint
C. AWS CloudTrail
D. AWS Trusted Advisor
Answer: C
NEW QUESTION 97
- (Exam Topic 1)
A company's on-premises application deployment cycle was 3-4 weeks. After migrating to the AWS Cloud, the company can deploy the application in 2-3 days.
Which benefit has this company experienced by moving to the AWS Cloud?
A. Elasticity
B. Flexibility
C. Agility
D. Resilience
Answer: C
Explanation:
https://docs.aws.amazon.com/whitepapers/latest/aws-overview/six-advantages-of-cloud-computing.html
NEW QUESTION 99
- (Exam Topic 1)
A company wants to analyze streaming user data and respond to customer queries in real time. Which AWS service can meet these requirements?
A. Amazon QuickSight
B. Amazon Redshift
C. Amazon Kinesis Data Analytics
D. AWS Data Pipeline
Answer: C
Explanation:
Amazon Kinesis is the AWS service that makes it easy to collect, process, and analyze such real-time, streaming data with four different capabilities: Kinesis Data
Streams: Enables ingesting, buffering, and custom processing of your streaming data.
NEW QUESTION 101
- (Exam Topic 1)
Which of the following consists of one or more isolated data centers in the same regional area that are interconnected through low-latency networks?
A. Availability Zone
B. Edge location
C. AWS Region
D. Private networking
Answer: A
NEW QUESTION 105
- (Exam Topic 1)
Which AWS service is a relational database compatible with MySQL and PostgreSQL?
A. Amazon Redshift
B. Amazon DynamoDB
C. Amazon Aurora
D. Amazon Neptune
Answer: C
NEW QUESTION 109
- (Exam Topic 1)
A company needs to process data from satellite communications without managing any infrastructure. Which AWS service should the company use to meet these
requirements?
A. Amazon CloudWatch
B. Amazon Aurora
C. Amazon Athena
D. AWS Ground Station
Answer:
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
Explanation:
AWS Ground Station is a fully managed service that lets you control satellite communications, process data, and scale your operations without having to worry
about building or managing your own ground station infrastructure. Satellites are used for a wide variety of use cases, including weather forecasting, surface
imaging, communications, and video broadcasts. Ground stations form the core of global satellite networks. With AWS Ground Station, you have direct access to
AWS services and the AWS Global Infrastructure including a low-latency global fiber network. For example, you can use Amazon S3 to store the downloaded data,
Amazon Kinesis Data Streams for managing data ingestion from satellites, and Amazon SageMaker for building custom machine learning applications that apply to
your data sets. You can save up to 80% on the cost of your ground station operations by paying only for the actual antenna time used, and relying on the global
footprint of ground stations to download data when and where you need it. There are no long-term commitments, and you gain the ability to rapidly scale your
satellite communications on-demand when your business needs it.
NEW QUESTION 113
- (Exam Topic 1)
A company needs to schedule the rotation of database credentials in the AWS Cloud. Which AWS service should the company use to perform this task?
A. AWS Identity and Access Management (IAM)
B. AWS Managed Services (AMS)
C. Amazon RDS
D. AWS Secrets Manager
Answer: D
Explanation:
AWS Secrets Manager makes it easier to rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. The key
features of this service include the ability to:
* 1. Secure and manage secrets centrally. You can store, view, and manage all your secrets centrally. By default, Secrets Manager encrypts these secrets with
encryption keys that you own and control. You can use fine-grained IAM policies or resource-based policies to control access to your secrets. You can also tag
secrets to help you discover, organize, and control access to secrets used throughout your organization.
* 2. Rotate secrets safely. You can configure Secrets Manager to rotate secrets automatically without disrupting your applications. Secrets Manager offers built-in
integrations for rotating credentials for all Amazon RDS databases (MySQL, PostgreSQL, Oracle, Microsoft SQL Server, MariaDB, and Amazon Aurora.) You can
also extend Secrets Manager to meet your custom rotation requirements by creating an AWS Lambda function to rotate other types of secrets.
* 3. Transmit securely. Secrets are transmitted securely over Transport Layer Security (TLS) protocol 1.2. You can also use Secrets Manager with Amazon Virtual
Private Cloud (Amazon VPC) endpoints powered by AWS Privatelink to keep this communication within the AWS network and help meet your compliance and
regulatory requirements to limit public internet connectivity.
* 4. Pay as you go. Pay for the secrets you store in Secrets Manager and for the use of these secrets; there are no long-term contracts, licensing fees, or
infrastructure and personnel costs. For example, a typical
production-scale web application will generate an estimated monthly bill of $6. If you follow along the instructions in this blog post, your estimated monthly bill for
Secrets Manager will be $1. Note: you may incur additional charges for using Amazon RDS and Amazon Lambda, if you’ve already consumed the free tier for
these services.
Now that you’re familiar with Secrets Manager features, I’ll show you how to store and automatically rotate credentials for an Oracle database hosted on Amazon
RDS. I divided these instructions into three phases:
* 1. Phase 1: Store and configure rotation for the superuser credential
* 2. Phase 2: Store and configure rotation for the application credential
* 3. Phase 3: Retrieve the credential from Secrets Manager programmatically
NEW QUESTION 118
- (Exam Topic 1)
Which characteristic of the AWS Cloud helps users eliminate underutilized CPU capacity?
A. Agility
B. Elasticity
C. Reliability
D. Durability
Answer: B
NEW QUESTION 122
- (Exam Topic 1)
Which task can a user complete by using AWS Identity and Access Management (IAM)?
A. Validate JSON syntax from an application configuration file.
B. Analyze logs from an Amazon API Gateway call.
C. Filter traffic to or from an Amazon EC2 instance.
D. Grant permissions to applications that run on Amazon EC2 instances.
Answer: D
Explanation:
AWS Identity and Access Management (IAM) is a web service for securely controlling access to AWS resources. It enables you to create and control services for
user authentication or limit access to a certain set of people who use your AWS resources.
NEW QUESTION 125
- (Exam Topic 1)
A company is undergoing a security audit. The audit includes security validation and compliance validation of the AWS infrastructure and services that the
company uses. The auditor needs to locate compliance-related information and must download AWS security and compliance documents. These documents
include the System and Organization Control (SOC) reports.
Which AWS service or group can provide these documents?
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
A. AWS Abuse team
B. AWS Artifact
C. AWS Support
D. AWS Config
Answer: B
Explanation:
• Portal that provides customers with on-demand access to AWS compliance documentation and AWS agreements • Artifact Reports - Allows you to download
AWS security and compliance documents from
third-party auditors, like AWS ISO certifications, Payment Card Industry (PCI), and System and Organization Control (SOC) reports • Artifact Agreements - Allows
you to review, accept, and track the status of AWS agreements such as the Business Associate Addendum (BAA) or the Health Insurance Portability and
Accountability Act (HIPAA) for an individual account or in your organization • Can be used to support internal audit or compliance
NEW QUESTION 126
- (Exam Topic 1)
Which of the following describes some of the core functionality of Amazon S3?
A. Amazon S3 is a high-performance block storage service that is designed for use with Amazon EC2
B. Amazon S3 is an object storage service that provides high-level performance, security, scalability, and data availability.
C. Amazon S3 is a fully managed, highly reliable, and scalable file storage system that is accessible over the industry-standard SMB protocol.
D. Amazon S3 is a scalable, fully managed elastic NFS for use with AWS Cloud services and on-premises resources.
Answer: B
Explanation:
Amazon S3 is object storage built to store and retrieve any amount of data from anywhere. It’s a simple storage service that offers industry leading durability,
availability, performance, security, and virtually unlimited scalability at very low costs.
NEW QUESTION 129
- (Exam Topic 1)
What is a benefit of moving to the AWS Cloud in terms of improving time to market?
A. Decreased deployment speed
B. Increased application security
C. Increased business agility
D. Increased backup capabilities
Answer: C
NEW QUESTION 131
- (Exam Topic 1)
Who can create and manage access keys for an AWS account root user?
A. The AWS account owner
B. An IAM user that has administrator permissions
C. IAM users within a designated group
D. An IAM user that has the required role
Answer: A
Explanation:
Anyone who has root user credentials for your AWS account has unrestricted access to all the resources in your account, including billing information. When you
create access keys, you create the access key ID and secret access key as a set.
NEW QUESTION 135
- (Exam Topic 1)
Which AWS service should a company use to decouple large monolithic applications into smaller microservices components?
A. AWS Direct Connect
B. Amazon Lightsail
C. Amazon Simple Queue Service (Amazon SQS)
D. Amazon CloudWatch
Answer: C
Explanation:
Amazon SQS is a fully managed message queuing service that makes it easy to decouple and scale microservices, distributed systems, and serverless
applications
NEW QUESTION 137
- (Exam Topic 1)
Which approach will enhance a user’s security on AWS?
A. Use Multi-AZ deployments with Amazon RDS.
B. Create a hybrid architecture by using AWS Direct Connect.
C. Monitor application-specific information with AWS X-Ray.
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
D. Encrypt data by using AWS Key Management Service (AWS KMS).
Answer: D
NEW QUESTION 138
- (Exam Topic 1)
A user is a new AWS account owner who has no special access requirements. What should this user do with the AWS account root user access keys?
A. Share the keys with all relevant internal users so that those users can programmatically access AWS services.
B. Post the keys on GitHub to provide development teams with access to AWS services.
C. Use the keys for access, but do not share the keys with anyone.
D. Delete the keys and create IAM users.
Answer: C
NEW QUESTION 143
- (Exam Topic 1)
A retail company is building a new mobile app. The company is evaluating whether to build the app at an
on-premises data center or in the AWS Cloud. Which of the following are benefits of building this app in the AWS Cloud? (Select TWO.)
A. A large, upfront capital expense and low variable expenses
B. Increased speed for trying out new projects
C. Complete control over the physical security of the infrastructure
D. Flexibility to scale up in minutes as the application becomes popular
E. Ability to pick the specific data centers that will host the application servers
Answer: AD
NEW QUESTION 145
- (Exam Topic 1)
Which of the following is the customer responsible for updating and patching, according to the AWS shared responsibility model?
A. Amazon FSx for Windows File Server
B. Amazon Workspaces virtual Windows desktop
C. AWS Directory Service for Microsoft Active Directory
D. Amazon RDS for Microsoft SQL Server
Answer: B
NEW QUESTION 148
- (Exam Topic 2)
A system administrator notices that several Amazon EC2 instances nave been terminated. The system administrator needs to identity the user or AWS API call
that terminated these instances. Which AWS service should the system administrator use to meet this requirement?
A. AWS Trusted Advisor
B. AWS CloudTrail
C. Amazon Inspector
D. Amazon Detective
Answer: B
NEW QUESTION 150
- (Exam Topic 2)
A developer wants to deploy an application on a container-based service. The service must automatically provision and manage the backend instances. The
service must provision only the necessary resources. Which AWS service will meet these requirements?
A. Amazon EC2
B. Amazon Lightsail
C. Amazon Elastic Kubermetes Service (Amazon EKS)
D. AWS Margate
Answer: D
NEW QUESTION 151
- (Exam Topic 2)
Which AWS service or resource helps on-premises applications connect to AWS Cloud-based storage and caches the data locally for low-latency access?
A. AWS Direct Connect
B. AWS Storage Gateway
C. Amazon S3
D. AWS Snowball Edge
Answer: B
Explanation:
Storage Gateway enables on-premises applications to use cloud storage by providing low-latency data access over standard storage protocols.
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
NEW QUESTION 153
- (Exam Topic 2)
A company has stopped all of its Amazon EC2 instances but monthly billing charges continue to occur. What could be causing this? (Select TWO.)
A. Amazon Elastic Block Store (Amazon EBS) storage charges
B. Operating system charges
C. Hardware charges
D. Elastic IP charges
E. Input/output (I/O) charges
Answer: AD
NEW QUESTION 158
- (Exam Topic 2)
What should a user do if the user loses an IAM secret access key?
A. Retrieve the secret access key by using the IAM console.
B. Create a new user with a new access key and a new secret access key.
C. Rotate the secret access key.
D. Request a new secret access key from AWS Support.
Answer: C
NEW QUESTION 163
- (Exam Topic 2)
A company's procurement department wants volume discounts on AWS services for the company but numerous departments have separate AWS accounts.
Which AWS service or tool can the company use to receive volume discounts across multiple AWS accounts?
A. Cost Explore'
B. AWS Budgets
C. AWS Cost and Usage Report
D. AWS Organizations
Answer: D
NEW QUESTION 166
- (Exam Topic 2)
Which AWS service adds speech-to-text capabilities to applications?
A. Amazon Polly
B. Amazon Textract
C. Amazon Transcribe
D. Amazon Comprehend
Answer: C
NEW QUESTION 167
- (Exam Topic 2)
A company is running a workload on AWS. The company wants to protect the workload from DDoS attacks. When AWS service will meet these requirements?
A. AWS Identity and Access Management (IAM)
B. AWS Shield
C. Amazon VPC
D. AWS Artifact
Answer: B
NEW QUESTION 168
- (Exam Topic 2)
Which AWS service can a company use to access compliance documentation and AWS agreements?
A. AWS Security Hub
B. AWS Identity and Access Management (1AM)
C. AWS Artifact
D. AWS Certificate Manager (ACM)
Answer: C
NEW QUESTION 173
- (Exam Topic 2)
A company wants to receive alerts when resources that are launched in the company's AWS account reach 80% of their service quotas. Which AWS service
should the company use to meet this requirement?
A. AWS CloudTrail
B. AWS Trusted Advisor
C. AWS Config
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
D. Amazon inspector
Answer: B
NEW QUESTION 174
- (Exam Topic 2)
Which pillar of Vie AWS Well-Architected Framework is focused on the ability of a workload lo perform its intended function correctly and consistently at the
expected time?
A. Performance efficiency
B. Operational excellence
C. Reliability
D. Security
Answer: A
NEW QUESTION 179
- (Exam Topic 2)
A company uses Amazon EC2 infrastructure to host steady-stale workloads and needs to achieve significant cost savings. Which EC2 instance pricing model
should the company select?
A. Reserved instances
B. On-Demand instances
C. Spot Instances
D. Dedicated Hosts
Answer: A
Explanation:
Instances that must be online all the time and have steady or predictable traffic Any baseline usage, while using On-Demand or Spot Instances for bursts
Applications that might require reserved capacity Customers who can commit to using EC2 over a one-year or 3-year term
https://aws.amazon.com/blogs/startups/optimizing-your-costs-for-aws-services-part-1/
NEW QUESTION 182
- (Exam Topic 2)
A company that uses AWS needs to transfer 2 TB of data.
Which type of transfer of that data would result in no cost for the company?
A. Inbound data transfer from the internet
B. Outbound data transfer to the internet
C. Data transfer between AWS Regions
D. Data transfer between Availability Zones
Answer: B
NEW QUESTION 186
- (Exam Topic 2)
A company that is migrating to the AWS Cloud wants to reduce the operational costs of running its databases. Which combination of actions should the company
take to achieve this goal (Select TWO.)
A. Activate Amazon DynamoDB Accelerator (DAX)
B. Deploy resources across multiple Availability Zones.
C. Decrease operational tasks by using AWS managed services.
D. Automate changes and responses to events.
E. Use the AWS global infrastructure to benefit from economies of scale
Answer: CD
NEW QUESTION 190
- (Exam Topic 2)
How does the AWS global infrastructure offer high availability and fault tolerance lo its users?
A. The AWS infrastructure is made up of multiple AWS Regions within various Availability Zones located in areas that have low flood risk and are interconnected
with low-latency networks and redundant power supplies
B. The AWS infrastructure consists of subnets containing various Availability Zones with multiple data centers located in the same geographic location
C. AWS allows users to choose AWS Regions and data centers so that users can select the closest data centers in different Regions
D. The AWS infrastructure consists of isolated AWS Regions with independent Availability Zones that ate connected with low-latency networking and redundant
power supplies
Answer: D
NEW QUESTION 191
- (Exam Topic 2)
Which of the following does Amazon CloudFront use to distribute content to users around the world?
A. Amazon VPC
B. AWS Local Zones
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
C. Edge locations
D. Availability Zones
Answer: C
Explanation:
CloudFront delivers your content through a worldwide network of data centers called edge locations. The regional edge caches are located between your origin
web server and the global edge locations that serve content directly to your viewers.
NEW QUESTION 192
- (Exam Topic 2)
A company is designing an application. For the data persistence layer, the company wants to use a NoSQL database. Which AWS service should the company
use for the database?
A. Amazon Redshift
B. AWS DataSync
C. Amazon Athena
D. Amazon DynamoDB
Answer: D
NEW QUESTION 194
- (Exam Topic 2)
A company puns to move its on-premises servers to Amazon EC2 instances. The company has 50 different business units and wants to separate each billing lot
each unit. What should a cloud practitioner recommend?
A. Use separate AWS accounts for each business unit men filter by unit using the coverage report
B. Place each business unit in a different AWS Region then filter by unit in Cost Explorer.
C. Tag each business unit’s resources then filter by unit in Cost Explorer
D. Use a Afferent VPC for each business unit then Mar by unit using an AWS Cost and Usage Report
Answer: C
NEW QUESTION 198
- (Exam Topic 2)
Which of the following gives a company the ability to fake advantage of tiered pricing tor services across multiple AWS member accounts?
A. AWS Organizations service control policies (SCPs)
B. AWS Organizations consolidated billing
C. All Upfront Reserved instances
D. Cost Explorer utilization reports
Answer: B
NEW QUESTION 199
- (Exam Topic 2)
A company uses AWS Direct Conned and wants to establish connectivity that spans VPCs across multiple AWS Regions. Which AWS service or feature should
the company use to meet these requirements?
A. AWS Transit Gateway
B. AWS PrivateLink
C. Amazon Connect
D. Amazon Route 53
Answer: B
NEW QUESTION 203
- (Exam Topic 2)
A company has deployed its IT infrastructure in the AWS Cloud. The company's database must support reads with sub-millisecond latency.
Which AWS service will meet this requirement?
A. Amazon EMR
B. Amazon RDS
C. AWS Glue
D. Amazon ElastiCache
Answer: D
NEW QUESTION 206
- (Exam Topic 2)
Management at a large company wants to avoid long-term contracts and is interested in AWS to move from fixed costs to variable costs. What is the value
proposition of AWS for this company?
A. Economy of scale
B. Pay-as-you-go pricing
C. Volume discounts
D. Cost optimization
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
Answer: B
NEW QUESTION 209
- (Exam Topic 2)
A company needs to use thud-party software for its workload on AWS. Which AWS service or feature can the company use to purchase the software?
A. AWS Resource Access Manager
B. AWS Manager Services
C. AWS License Manager
D. AWS Marketplace
Answer: D
NEW QUESTION 211
- (Exam Topic 2)
A company manages an on-premises MySQL database on a Windows server. The company wants to migrate the database to AWS and needs a solution that will
reduce the administrative overhead of the database.
Which AWS service will meet this requirement?
A. Amazon Redshift
B. Amazon ElastiCache
C. Amazon RDS
D. Amazon Elastic File System (Amazon EFS)
Answer: C
NEW QUESTION 216
- (Exam Topic 2)
Which design principles of the AWS WelI-Architected Framework help increase reliability? (Select TWO.)
A. Automatically recover from failure.
B. Enable traceability.
C. Scale horizontally to increase workload availability.
D. Automate security best practices.
E. Keep people away from data.
Answer: AC
Explanation:
Reliability
The Reliability pillar encompasses the ability of a workload to perform its intended function correctly and consistently when it’s expected to. This includes the
ability to operate and test the workload through its total lifecycle. You can find prescriptive guidance on implementation in the Reliability Pillar whitepaper.
Design Principles
There are five design principles for reliability in the cloud:
Automatically recover from failure
Test recovery procedures
Scale horizontally to increase aggregate workload availability
Stop guessing capacity
Manage change in automation
https://aws.amazon.com/blogs/apn/the-6-pillars-of-the-aws-well-architected-framework/
NEW QUESTION 220
- (Exam Topic 2)
Which of the following are benefits that a company receives when it moves an on-premises internet-lacing website to the AWS Cloud? (Select TWO.)
A. Data that is stored in the AWS Cloud is automatically encrypted.
B. Website capacity can expand or contract as website traffic changes.
C. AWS automatically provides the company with the lowest-cost pricing model.
D. The website shows up with higher priority in internet search engines
E. The company can take advantage of the pay-as-you-go pricing model
Answer: BE
NEW QUESTION 225
- (Exam Topic 2)
Which AWS services are delivered globally instead of regionally? (Select TWO.)
A. Amazon EC2
B. Amazon CloudFront
C. Amazon Route 53
D. Amazon VPC
E. Amazon RDS
Answer: BC
NEW QUESTION 228
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
- (Exam Topic 2)
What is the MOST secure way lo store passwords on AWS?
A. Store passwords in an Amazon S3 bucket
B. Store passwords as AWS CloudFormation parameters
C. Store passwords in AWS Storage Gateway
D. Store passwords in AWS Secrets Manager
Answer: D
NEW QUESTION 231
- (Exam Topic 2)
A company needs an AWS service that can monitor the company's AWS account If the service identifies misconfigurations; the company's operations team must
receive an alert Additionally, the service must remediate the issues by invoking AWS Lambda functions.
Which service will meet these requirements?
A. Amazon Macie
B. Amazon GuardDuty
C. AWS Config
D. AWS Trusted Advisor
Answer: D
NEW QUESTION 232
- (Exam Topic 2)
A company wants to organize its users so that the company can grant permissions to the users as a group. Which AWS service or tool can the company use to
meet this requirement?
A. Security groups
B. AWS identity and Access Management (IAM)
C. Resource groups
D. AWS Security Hub
Answer: B
NEW QUESTION 233
- (Exam Topic 2)
A company uses a database that has a simple sign-up page to create users, and a basic login form to authenticate users so they can access the database. The
company wants to give users the ability to store personal information, but user access must be controlled in a more secure and reliable way.
Which AWS service or feature will meet these requirements?
A. Security groups
B. Amazon GuardDuty
C. AWS Secrets Manager
D. Amazon Cognito
Answer: D
Explanation:
aws.amazon.com/cognito/
NEW QUESTION 237
- (Exam Topic 2)
A company needs to store code in a version control system. The company also needs to continually deploy updated code through a series of automated steps
(build test package and deploy).
Which combination of AWS services will meet these requirements? (Select TWO.)
A. AWS CloudFormation
B. AWS CodeCommit
C. AWS Control Tower
D. AWS Elastic Beanstalk
E. AWS CodePipeline
Answer: BE
NEW QUESTION 239
- (Exam Topic 2)
Which AWS service is a fully hosted version control service?
A. AWS CodeCommit
B. AWS CodeBuild
C. AWS CodeDeploy
D. AWS CodeStar
Answer: B
Explanation:
CodeCommit is a secure, highly scalable, managed source control service that hosts private Git repositories. CodeCommit eliminates the need for you to manage
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
your own source control system or worry about scaling its infrastructure. You can use CodeCommit to store anything from code to binaries. It supports the
standard functionality of Git, so it works seamlessly with your existing Git-based tools.
NEW QUESTION 241
- (Exam Topic 2)
A company distributes traffic evenly among a fleet of Amazon EC2 instances. The EC2 instances must accommodate unpredictable increases in traffic.
Which benefit does the AWS Cloud provide to meet this requirement?
A. Scalability
B. Resilience
C. Security
D. Agility
Answer: A
NEW QUESTION 242
- (Exam Topic 2)
Which AWS service provides managed DDoS protection?
A. AWS Firewall Manager
B. AWS Shield
C. Amazon GuardDuty
D. Amazon Inspector
Answer: B
NEW QUESTION 244
- (Exam Topic 2)
A company wants to accelerate migration from its data center to the AWS Cloud.
Which combination of AWS services should the company use to meet this requirement? (Select TWO.)
A. Amazon Connect
B. AWS Direct Connect
C. AWS Server Migration Service (AWS SMS)
D. Amazon Route 53
E. AWS Organizations
Answer: BC
NEW QUESTION 245
- (Exam Topic 2)
A company is hosting an application in the AWS Cloud. The company wants to verify that underlying AWS services and general AWS infrastructure are operating
normally.
Which combination of AWS services can the company use to gather the required information? (Select TWO).
A. AWS Personal Health Dashboard.
B. AWS System Manager
C. AWS trusted Advisor
D. AWS Service Health Dashboard
E. AWS Service Catalog
Answer: CD
NEW QUESTION 248
- (Exam Topic 2)
A company runs a web application on Amazon EC2 instances. The application has consistent usage and is expected to run indefinitely. Which EC2 instance
purchasing option will meet these requirements MOST cost-effectively?
A. 1-year All Upfront Reserved Instances
B. 1-year No Upfront Reserved Instances
C. 3-year All Upfront Reserved Instances
D. 3-year No Upfront Reserved Instances
Answer: C
NEW QUESTION 250
- (Exam Topic 2)
A company implements an Amazon EC2 Auto Scaling policy along with an Application Load Balancer to automatically recover unhealthy applications that run on
Amazon EC2 instances.
Which pillar of the AWS Well-Architected Framework does this action cover?
A. Security
B. Performance efficiency
C. Operational excellence
D. Reliability
Answer: D
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
Explanation:
The reliability pillar includes the ability of a system to recover from infrastructure or service disruptions
NEW QUESTION 254
- (Exam Topic 2)
Which of the following is a component of the AWS Global infrastructure?
A. Amazon Alexa
B. AWS Regions
C. Amazon Lightsail
D. AWS Organizations
Answer: B
NEW QUESTION 258
- (Exam Topic 2)
A company recently created its first AWS account.
Which AWS services will require the use of a VPC? (Select TWO.)
A. Amazon S3
B. Amazon Elastic File System (Amazon EFS)
C. Amazon Cognito
D. Amazon DynamoDB
E. Amazon EC2
Answer: BE
NEW QUESTION 262
- (Exam Topic 2)
How can a user protect an Amazon EC2 instance from a suspicious IP address?
A. Block the IP on the inbound rule of a network ACL.
B. Block the IP on the outbound rule of a security group.
C. Block the IP on the inbound rule of a security group and network ACL.
D. Block the IP on the outbound rule of a security group and network ACL.
Answer: A
NEW QUESTION 264
- (Exam Topic 2)
Which of the following is available to a company that has an AWS Business Support plan?
A. AWS Support concierge
B. AWS DDoS Response Team (DRT)
C. AWS technical account manager (TAM)
D. AWS Health API
Answer: D
NEW QUESTION 268
- (Exam Topic 2)
A company wants to design its cloud architecture so that its workloads are resilient can consistently perform their intended functions correctly and can recover from
failure quickly. Which pillar of the AWS
Well-Architected Framework does this architecture represent?
A. Security
B. Performance efficiency
C. Operational excellence
D. Reliability
Answer: D
NEW QUESTION 272
- (Exam Topic 3)
A company wants the ability to accommodate peak application usage without purchasing equipment for on-premises data centers.
Which AWS Cloud benefit is the company seeking?
A. High availability
B. Security
C. Reliability
D. Elasticity
Answer: D
NEW QUESTION 274
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
- (Exam Topic 3)
A company is developing a new web application. The company must give users the ability to log in to the application through social identity providers.
Which AWS service will meet these requirements?
A. AWS Directory Service
B. Amazon Cognito
C. AWS identity and Access management (IAM)
D. AWS Single Sign-On
Answer: D
NEW QUESTION 277
- (Exam Topic 3)
A company wants to improve its security and audit posture by limiting Amazon EC2 inbound access. What should the company use to access instances remotely
instead of opening inbound SSH ports and
managing SSH keys?
A. EC2 key pairs
B. AWS Systems Manager Session ManagerC AWS Identity and Access Management (1AM)
C. Network ACLs
Answer: B
Explanation:
AWS Systems Manager Session Manager is a new interactive shell and CLI that helps to provide secure, access-controlled, and audited Windows and Linux EC2
instance management. Session Manager removes the need to open inbound ports, manage SSH keys, or use bastion hosts.
https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager.html
NEW QUESTION 280
- (Exam Topic 3)
Which fully managed AWS service assists with the creation, testing and management of custom Amazon EC2 images?
A. EC2 Image Builder
B. Amazon Machine Image (AMI)
C. AWS Launch Wizard
D. AWS Elastic Beanstalk
Answer: A
NEW QUESTION 282
- (Exam Topic 3)
Which AWS service provides recommendations to help users optimize costs and follow AWS best practices?
A. AWS Trusted Advisor
B. AWS Service Catalog
C. AWS Ground Station
D. Amazon GuardDuty
Answer: A
Explanation:
AWS Trusted Advisor provides recommendations that help you follow AWS best practices. Trusted Advisor evaluates your account by using checks. These checks
identify ways to optimize your AWS infrastructure, improve security and performance, reduce costs, and monitor service quotas
NEW QUESTION 287
- (Exam Topic 3)
Which AWS feature grants temporary access to specific AWS resources?
A. AWS IAM Access analyzer
B. Service control policies (SCPS)
C. Access control lists (ACLs)
D. IAM roles
Answer: D
NEW QUESTION 290
- (Exam Topic 3)
Which component of the AWS global infrastructure provides low-latency access to content in multiple geographic areas by storing copies of data close to end
users?
A. AWS Regions
B. Availability Zones
C. Local Zones
D. Edge locations
Answer: C
Explanation:
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
AWS Local Zones allow you to use select AWS services, like compute and storage services, closer to more end-users, providing them very low latency access to
the applications running locally.
NEW QUESTION 291
- (Exam Topic 3)
A company provides Amazon Workspaces to its remote employees. The company wants to prevent employees from using their virtual desktops to visit specific
websites that are known to be malicious.
Which AWS service should the company use to meet this requirement?
A. AWS Shield Advanced
B. Amazon Route 53
C. Amazon GuardDuty
D. AWS Network Firewall
Answer: D
Explanation:
https://aws.amazon.com/blogs/desktop-and-application-streaming/filtering-internet-traffic-from-amazon-worksp AWS Network Firewall extends protection beyond
SG- and NACL-levels by protecting at the route level and offering stateless and stateful rules from layers 3 through 7 in the OSI Model. It uses the certificate fully
qualified domain name (FQDN) or Server Name Indication (SNI) to determine if a website is allowed for HTTPS traffic. This is a commonly requested security
requirement. Reviewing these design examples of AWS Network Firewall will accelerate your migration to Amazon WorkSpaces. AWS Network Firewall is a
managed service, with no infrastructure to manage or patch you can simplify operational excellence. Native settings for advanced filtering (including domain
name), and network traffic inspection can alert and block traffic related to malware. It also has layer 7 intrusion prevent system (IPS) rules, and the ability to apply
TLS fingerprinting to prevent a spoofed IP or FQDN.
NEW QUESTION 292
- (Exam Topic 3)
Which AWS service can be used to decouple applications?
A. AWSConfig
B. Amazon Simple Queue Service (Amazon SQS)
C. AWS Batch
D. Amazon Simple Email Service (Amazon SES)
Answer: B
Explanation:
https://docs.aws.amazon.com/sqs/?id=docs_gateway
Amazon Simple Queue Service (Amazon SQS) is a fully managed message queuing service that makes it easy to decouple and scale microservices, distributed
systems, and serverless applications. Amazon SQS moves data between distributed application components and helps you decouple these components.
NEW QUESTION 294
- (Exam Topic 3)
A company wants its Amazon EC2 instance to share the same geographic area but use redundant underlying power sources.
Which solution will meet these requirements?
A. Use EC2 instance across multiple Availability Zones in the same AWS Region.
B. Use Amazon CloudFront as the database for the EC2 instances.
C. Use EC2 instances in the same edge location and the same Availability Zone.
D. Use EC2 instances in AWS OpsWorks stacks in different AWS Regions.
Answer: A
NEW QUESTION 298
- (Exam Topic 3)
A company is building a business intelligence solution using Amazon Redshift. The company wants to use an AWS service to create interactive dashboards and
not pay any upfront costs for it.
Which service should the company use?
A. Amazon CloudWatch
B. AWS Personal Health Dashboard
C. AWS Service Catalog
D. Amazon QuickSight
Answer: D
NEW QUESTION 299
- (Exam Topic 3)
Which AWS service or resource is serverless?
A. AWS Snowball Edge
B. Amazon EC2
C. Amazon Elastic kubernetes Service (Amazon EKS)
D. Amazon API Gateway
Answer: D
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
NEW QUESTION 302
- (Exam Topic 3)
Which AWS services use cloud-native storage that provides replication across multiple Availability Zones by default? (Choose two.)
A. Amazon ElastiCache
B. Amazon RDS for Oracle
C. Amazon Neptune
D. Amazon DocumentDB (with MongoDB compatibility)
E. Amazon Redshift
Answer: BE
NEW QUESTION 305
- (Exam Topic 3)
A company wants to protect resources that the company hosts on AWS, including Application Load Balancers and Amazon CloudFront distributions. The company
wants an AWS service that can provide near real-time visibility into attacks on the company's resources. The service must also have a dedicated AWS team to
assist with distributed denial of service (DDoS) attacks.
Which AWS service will meet these requirements?
A. AWS WAF
B. AWS Shield Standard
C. Amazon Macie
D. AWS Shield Advanced
Answer: D
Explanation:
https://aws.amazon.com/shield/faqs/
NEW QUESTION 310
- (Exam Topic 3)
Which AWS service or feature can a company use to apply security rules to a subnet for Amazon EC2 instances?
A. AWSWAF
B. AWS Shield
C. Network ACLs
D. Security groups
Answer: B
NEW QUESTION 314
- (Exam Topic 3)
Which of the following is an architectural design principle of the AWS WeII-Architected Framework?
A. Loosely couple components
B. Build monolithic systems
C. Scale vertically, not horizontally
D. Use third-party software
Answer: A
NEW QUESTION 319
- (Exam Topic 3)
A company acquired another corporation. The company now has two AWS accounts.
Which AWS service or tool can the company use to consolidate the billing for these two accounts?
A. AWS Systems Manager
B. AWS Organizations
C. AWS License Manager
D. Cost Explorer
Answer: B
NEW QUESTION 324
- (Exam Topic 3)
Which pillar of the AWS Well-Architected Framework includes the design principle of defining workloads, applications, and infrastructure as code (laC)?
A. Operational excellence
B. Reliability
C. Performance efficiency
D. Security
Answer: A
NEW QUESTION 329
- (Exam Topic 3)
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
What is the security best practice concerning sensitive data stored in Amazon S3?
A. Enable cross-Region replication on the S3 bucket.
B. Enable S3 server-side encryption on the S3 bucket.
C. Configure AWS WAF to prevent unauthorized access to the S3 bucket.
D. Configure Amazon GuardDuty to prevent unauthorized access to the S3 bucket.
Answer: B
NEW QUESTION 331
- (Exam Topic 3)
A company needs fully managed, highly reliable, and scalable file storage that is accessible over the Server Message Block (SMB) protocol.
Which AWS service will meet these requirements?
A. Amazon S3
B. Amazon Elastic File System (Amazon EFS)
C. Amazon FSx for Windows File Server
D. Amazon Elastic Block Store (Amazon EBS)
Answer: C
Explanation:
https://www.amazonaws.cn/en/fsx/windows/
NEW QUESTION 336
- (Exam Topic 3)
What is a benefit of moving to the AWS Cloud in terms of improving time to market?
A. Decreased deployment speed
B. Increased application security
C. Increased business agility
D. Increased backup capabilities
Answer: C
NEW QUESTION 340
- (Exam Topic 3)
Which of the following will help a user determine if they need to request a VPC service limit increase?
A. AWS Personal Health Dashboard
B. AWS Trusted Advisor
C. AWS Cost and Usage Report
D. AWS Service Catalog
Answer: A
NEW QUESTION 342
- (Exam Topic 3)
A company is building AWS architecture to deliver real-time data feeds from an on-premises data center into an application that runs on AWS. The company needs
a consistent network connection with minimal latency.
What should the company use to connect the application and the data center to meet these requirements?
A. AWS Direct Connect
B. Public internet
C. AWS VPN
D. Amazon Connect
Answer: D
NEW QUESTION 345
- (Exam Topic 3)
A company needs to use a serverless interactive query service to analyze data in Amazon S3. The query service must support standard SQL.
Which AWS service will meet these requirements?
A. Amazon Redshift
B. AWS Glue
C. Amazon Athena
D. Amazon Kinesis Data Streams
Answer: C
NEW QUESTION 349
- (Exam Topic 3)
Which AWS service gives users the ability to provision a dedicated and private network connection from their internal network to AWS?
A. AWS CIoudHSM
B. AWS Direct Connect
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
C. AWS VPN
D. Amazon Connect
Answer: B
Explanation:
AWS Direct Connect lets you establish a dedicated network connection between your network and one of the AWS Direct Connect locations. Using industry
standard 802.1q VLANs, this dedicated connection can be partitioned into multiple virtual interfaces. This allows you to use the same connection to access public
resources such as objects stored in Amazon S3 using public IP address space, and private resources such as Amazon EC2 instances running within an Amazon
Virtual Private Cloud (VPC) using private IP space, while maintaining network separation between the public and private environments. Virtual interfaces can be
reconfigured at any time to meet your changing needs.
NEW QUESTION 353
- (Exam Topic 3)
A company wants to migrate its Microsoft SQL Server database management system from on premises to the AWS Cloud. Which AWS service should the
company use to reduce management overhead for this environment?
A. Amazon Elastic Container Service (Amazon ECS)
B. Amazon SageMaker
C. Amazon RDS
D. Amazon Athena
Answer: B
NEW QUESTION 356
- (Exam Topic 3)
A company runs an application in the AWS Cloud. The level of traffic to the application vary throughout the week. The company wants to increase the reliability of
its application at all times, even during times of high traffic.
Which combination of steps will meet this requirement? (Select TWO.)
A. Test recovery procedures.
B. Purchase instance weekly based on the previous week’s high traffic points.
C. Handle software failures automatically.
D. Scale the application vertically.
E. Make all changes in the environment manually.
Answer: CD
NEW QUESTION 360
- (Exam Topic 3)
If a company wants to build an interactive chatbot to make a call center more efficient, which AWS service should be used?
A. Amazon Connect
B. Amazon Lex
C. Amazon Translate
D. Amazon Polly
Answer: B
NEW QUESTION 364
- (Exam Topic 3)
Which of the following is an AWS Well-Architected Framework design principle for operational excellence in the AWS Cloud?
A. Go global in minutes.
B. Make frequent, small, reversible changes.
C. Implement a strong foundation of identity and access management.
D. Stop spending money on hardware infrastructure for data center operations.
Answer: B
NEW QUESTION 367
- (Exam Topic 3)
A company needs to store infrequently used data archives and long-term backups.
Which AWS service or storage class will meet these requirements MOST cost-effectively?
A. Amazon FSx for Lustre.
B. Amazon Elastic Block Store (Amazon EBS)
C. Amazon Elastic File System (Amazon EFS)
D. Amazon S3 Glacier Flexible Retrieval
Answer: D
NEW QUESTION 370
- (Exam Topic 3)
A developer needs to use a standardized template to create copies of a company's AWS architecture for development, test, and production environments. Which
AWS service should the developer use to meet this requirement?
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
A. AWS Cloud Map
B. AWS CloudFormation
C. Amazon CloudFront
D. AWS CloudTrail
Answer: B
NEW QUESTION 373
- (Exam Topic 3)
A company needs network access to be restricted to an Amazon EC2 instance for certain ports. Which AWS services or features will support this requirement?
(Select TWO.)
A. Amazon Elastic Block Store (Amazon EBS)
B. Network ACLs
C. IAM Password rotation policy
D. Security groups
E. Amazon Route 53 record sets
Answer: BD
NEW QUESTION 375
- (Exam Topic 3)
Which AWS service requires the customer to patch the guest operating system?
A. AWS Lambda
B. Amazon OpenSearch Service
C. Amazon EC2
D. Amazon ElastiCache
Answer: C
NEW QUESTION 376
- (Exam Topic 3)
Which AWS service or feature can a company use to create a private, secured, and scalable network environment in the AWS Cloud?
A. Amazon Elastic Container Service (Amazon ECS)
B. Amazon S3
C. Amazon VPC
D. Route tables
Answer: C
NEW QUESTION 380
- (Exam Topic 3)
A company needs the historical cost and service usage details of its Amazon EC2 instances. Which AWS service or tool will provide this information?
A. AWS Budgets
B. Amazon Forecast
C. AWS Cost Explorer
D. AWS Pricing Calculator
Answer: C
Explanation:
AWS Cost Explorer helps you visualize, understand, and manage your AWS costs and usage over a daily or monthly granularity. You can also access your data
with further granularity by enabling hourly and resource level granularity.
NEW QUESTION 382
- (Exam Topic 3)
Which AWS service should a company use to check for 1AM access keys that have not been rotated recently?
A. AWSWAF
B. AWS Trusted Advisor
C. Amazon Inspector
D. AWS Certificate Manager (ACM)
Answer: B
Explanation:
Service quotas are the maximum number of resources that you can create in an AWS account. AWS implements quotas to provide highly available and reliable
service to all customers, and protects you from unintentional spend. Trusted Advisor will notify you once you reach more than 80% of a service quota. You can
then follow recommendations to delete resources or request a quota increase.
NEW QUESTION 387
- (Exam Topic 3)
Which AWS service provides a virtual desktop solution?
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
A. Amazon EC2
B. AWS Elastic Beanstalk
C. AWS System Manager
D. Amazon Workspaces
Answer: C
NEW QUESTION 391
- (Exam Topic 3)
A company is planning to configure multi-factor authentication (MFA) for a business application. The company needs to use text messages to distribute one-time
passwords to us customers worldwide. When AWS service should the company use to meet this requirement?
A. Amazon EventBridge (Amazon CloudWatch Events)
B. AWS identity and Access Management (IAM)
C. Amazon Simple Notification Service (Amazon SNS)
D. Amazon Connect
Answer: C
NEW QUESTION 393
- (Exam Topic 3)
A company needs an AWS design solution for a distributed system. The system's components need to be set up so that one system component cannot negatively
impact another component. Which AWS architectural best practice will meet this requirement?
A. Use request throttling
B. Use a stateful service
C. Implement automatic data backups
D. Implement loose coupling
Answer: C
NEW QUESTION 395
- (Exam Topic 3)
Which AWS services can a company use to achieve a loosely coupled architecture? (Select TWO.)
A. Amazon Workspaces
B. Amazon Simple Queue Service (Amazon SQS.)
C. Amazon Connect
D. AWS Trusted Advisor
E. AWS Step Functions
Answer: BE
NEW QUESTION 399
- (Exam Topic 3)
A company has a serverless application that includes an Amazon API Gateway API, an AWS Lambda function, and an Amazon DynamoDB database.
Which AWS service can the company use to trace user requests as they move through the application's components?
A. AWS CloudTrail
B. Amazon CloudWatch
C. Amazon Inspector
D. AWS X-Ray
Answer: D
Explanation:
X- ray - https://aws.amazon.com/xray/ CloudTrail - audit
Cloudwatch - monitor
Inspector - vulnerability management X-Ray – tracing
NEW QUESTION 403
- (Exam Topic 3)
Which AWS service can a company use to analyze and debug performance issues of an AWS Lambda function?
A. Amazon Inspector
B. Amazon Detective
C. AWS CodeStar
D. AWS X-Ray
Answer: D
Explanation:
https://docs.aws.amazon.com/lambda/latest/operatorguide/general-approach.html
NEW QUESTION 404
- (Exam Topic 3)
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
A company wants to reconfigure its ecommerce application to automatically scale to meet customer demands. The company wants the operating system that the
application runs on to be automatically updated.
Which AWS service will meet these requirements?
A. Amazon Lightsail
B. Amazon EC2
C. AWS Lambda
D. Amazon EC2 Auto Scaling
Answer: C
NEW QUESTION 406
- (Exam Topic 3)
Which AWS services or features can a company use lo connect the network of its on-premises data center to AWS? (Select TWO.)
A. AWS VPN
B. AWS Directory Service
C. AWS Data Pipeline
D. AWS Direct Connect
E. AWS CloudHSM
Answer: AD
NEW QUESTION 410
- (Exam Topic 3)
A company's headquarters is located on a different continent from where the majority of the company's customers live. The company wants an AWS Cloud
environment setup that will provide the lowest latency to the customers.
Which solution will provide the LOWEST network latency between the AWS resources and the customers?
A. Place the resources in the AWS Region that is closest to the company's headquarter
B. Move the resources to the Availability Zone that is closest to the customers.
C. Place all workloads in the AWS Region that is closest to the company's headquarters.
D. Place all workloads in the AWS Region that is closest to the majority of customers.
E. Place the resources in AWS edge locations that are closest to the company's headquarters.
Answer: C
NEW QUESTION 415
- (Exam Topic 3)
Which of the following is a benefit of deploying workloads in multiple AWS Regions?
A. It increases the performance of Amazon EC2 instances.
B. It is the most cost-effective deployment model.
C. It is faster to deploy workloads across multiple AWS Regions than in a single Region.
D. It reduces latency for users who are in different geographic areas.
Answer: D
NEW QUESTION 417
- (Exam Topic 3)
A company needs to track the relationships among AWS resources. The company also needs to review resource dependencies before the company makes any
changes to the resources.
Which AWS service can the company use to meet these requirements?
A. AWS Trusted Advisor
B. AWS Confit
C. AWS Resource Access Manager (AWS RAM)
D. AWS System Manager
Answer: B
NEW QUESTION 420
- (Exam Topic 3)
A company wants to continuously improve processes and procedures to deliver business value. Which pillar of the AWS Well-Architected Framework does this
goal represent?
A. Performance efficiency
B. Operational excellence
C. Reliability
D. Sustainability
Answer: B
Explanation:
https://aws.amazon.com/blogs/apn/the-6-pillars-of-the-aws-well-architected-framework/#:~:text=1.-,Operational
NEW QUESTION 423
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
- (Exam Topic 3)
A company needs to set up user authentication for a new application. Users must be able to sign in directly with a user name and password, or through a third-
party provider.
Which AWS service should the company use to meet these requirements?
A. AWS 1AM Identity Center (AWS Single Sign-On)
B. AWS Signer
C. Amazon Cognito
D. AWS Directory Service
Answer: C
NEW QUESTION 426
- (Exam Topic 3)
A company needs to block SQL injection attacks.
Which AWS service or feature provides this functionality?
A. AWS WAF
B. Network ACLs
C. Security groups
D. AWS Trusted Advisor
Answer: A
NEW QUESTION 428
- (Exam Topic 3)
A company needs to migrate all of its development teams to a cloud-based integrated development environment (IDE).
Which AWS service should the company use?
A. AWS CodeBuild
B. AWS Cloud9
C. AWS OpsWorks
D. AWS Cloud Development Kit (AWS CDK)
Answer: B
Explanation:
cloud-based integrated devWS Cloud9 is an integrated development environment, or IDE. The AWS Cloud9 IDE offers a rich code-editing experience with support
for several programming languages and runtime debuggers, and a built-in terminal.elopment environment (IDE)
https://aws.amazon.com/es/cloud9/details/ AWS Cloud9 es un entorno de desarrollo integrado (IDE) basado en la nube que le permite escribir, ejecutar y depurar
código desde cualquier equipo con tan solo un navegador.
NEW QUESTION 432
- (Exam Topic 3)
A company has an on-premises application. The application has process times of less than 5 minutes and is involved only a few times each day. The company
wants to move the application to the AWS Cloud.
Which AWS service will support this application MOST cost-effectively?
A. Amazon Elastic Container Service (Amazon ECS)
B. AWS Lambda
C. Amazon Elastic Kubemetes Service (Amazon EKS)
D. Amazon EC2
Answer: C
NEW QUESTION 437
- (Exam Topic 3)
Which AWS service or feature provides high availability and low latency within an AWS Region?
A. Edge locations
B. Availability Zones
C. AWS Outposts
D. Amazon Route 53
Answer: B
NEW QUESTION 440
- (Exam Topic 3)
A company wants to build an application that uses AWS Lambda to run Python code.
Under the AWS shared responsibility model, which tasks will be the company's responsibility? (Select TWO.)
A. Management of the underlying infrastructure.
B. Management of the operating system.
C. Writing the business logic code.
D. Installation of the computer language runtime.
E. Providing AWS Identity and Access Management (IAM) access to the Lambda service.
Answer: CE
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
NEW QUESTION 443
- (Exam Topic 3)
Where can AWS users review answers to frequently asked questions about security in the AWS Cloud?
A. AWS Trusted Advisor
B. AWS Knowledge Center
C. AWS Support Center
D. AWS Artifact
Answer: B
Explanation:
https://aws.amazon.com/premiumsupport/knowledge-center/
NEW QUESTION 444
- (Exam Topic 3)
Why is an AWS Well-Architected review a critical part of the cloud design process?
A. A Well-Arch Heeled review is mandatory before a workload can run on AWS.
B. A Well-Architected review helps identify design gaps and helps evaluate design decisions and related documents.
C. A Well-Architected review is an audit mechanism that is a part of requirements for service level agreements.
D. A Well-Architected review eliminates the need for ongoing auditing and compliance tests.
Answer: B
NEW QUESTION 447
- (Exam Topic 3)
Which tasks are the responsibility of AWS, according to the AWS shared responsibility model? (Select TWO.)
A. Patch the Amazon EC2 guest operating system.
B. Upgrade the firmware of the network infrastructure.
C. Apply password rotation for 1AM users.
D. Maintain the physical security of edge locations.
E. Maintain least privilege access to the root user account.
Answer: BD
Explanation:
https://aws.amazon.com/compliance/shared-responsibility-model/
NEW QUESTION 449
- (Exam Topic 3)
A company is using AWS Organizations to configure AWS accounts. Which design principle is a best practice for the company to implement?
A. Organize accounts based on security and operational needs.
B. Assign multiple sets of related workloads to each production account.
C. Deploy workloads to the organization's management account.
D. Combine production workloads and non-production workloads.
Answer: A
NEW QUESTION 451
- (Exam Topic 3)
Which of the following are characteristics of AWS Regions and Availability Zones? (Select TWO.)
A. Regions bring AWS services to on-premises facilities.
B. Regions consist of multiple Availability Zones.
C. An Availability Zone contains several Regions.
D. Regions are within 100 km (60 miles) of each other.
E. Regions are located around the world.
Answer: B
NEW QUESTION 453
- (Exam Topic 3)
Which AWS service should a company use to provision, manage, and deploy SSL/TLS certificates?
A. AWS Secrets Manager
B. Amazon Inspector
C. AWS CodeDeploy
D. AWS Certificate Manager (ACM)
Answer: D
NEW QUESTION 455
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
- (Exam Topic 3)
Which design principle is achieved by following the reliability pillar of the AWS We 11-Architected Framework?
A. Vertical scaling
B. Manual failure recovery
C. Testing recovery procedures
D. Changing infrastructure manually
Answer: C
Explanation:
Testing recovery procedures Reliability
Design Principles
Automatically recover from failure Test recovery procedures
Scale horizontally to increase aggregate workload availability Stop guessing capacity
Manage change in automation
NEW QUESTION 457
- (Exam Topic 3)
Which of the following are pillars of the AWS Well-Architected Framework? (Select TWO.)
A. Resource scalability
B. Performance efficiency
C. System elasticity
D. Agile development
E. Operational excellence
Answer: BE
Explanation:
Creating a software system is a lot like constructing a building. If the foundation is not solid, structural problems can undermine the integrity and function of the
building. When architecting technology solutions, if you neglect the six pillars of operational excellence, security, reliability, performance efficiency, cost
optimization, and sustainability, it can become challenging to build a system that delivers on your expectations and requirements. Incorporating these pillars into
your architecture will help you produce stable and efficient systems. This will allow you to focus on the other aspects of design, such as functional requirements.
Pillars
Operational excellence Security
Reliability Performance efficiency Cost optimization Sustainability
NEW QUESTION 458
- (Exam Topic 3)
A company wants to run its applications in the AWS Cloud. The company does not have enough staff to maintain and protect its critical business applications.
Which AWS service should the company use to perform these tasks?
A. AWS Shield
B. Amazon RDS
C. AWSConfig
D. AWS Managed Services (AMS)
Answer: C
NEW QUESTION 462
- (Exam Topic 3)
What is a customer responsibility under the AWS shared responsibility model when using AWS Lambda?
A. Maintenance of the underlying Lambda hardware.
B. Maintenance of the Lambda networking infrastructure.
C. The code and libraries that run in the lambda function.
D. The Lambda server software.
Answer: C
NEW QUESTION 466
- (Exam Topic 3)
A company needs help with a specific question that is related to a planned AWS deployment of a business application. The company has only the AWS Basic
Support plan. The company wants to have the question answered immediately by an expert who has adequate skills and experience.
Which action should the company take to meet these requirements?
A. Submit the question to AWS Support by phone or live chat.
B. Submit the question in AWS re:Post
C. Connect with other AWS customers by using AWS Connect
D. Connect with an AWS professional by using AWS IQ.
Answer: A
NEW QUESTION 471
- (Exam Topic 3)
A company wants to run its workload on Amazon EC2 instances for more than 1 year. This workload will run continuously. Which option offers a discounted hourly
rate compared to the hourly rate of On-Demand Instances?
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
A. AWS Graviton processor
B. Dedicated Hosts
C. EC2 Instance Savings Plans
D. Amazon EC2 Auto Scaling Instances
Answer: C
NEW QUESTION 474
- (Exam Topic 3)
What is a characteristic of Convertible Reserved Instances (RIs)?
A. Users can exchange Convertible Rls for other Convertible RIs from a different instance family.
B. Users can exchange Convertible Rls for other Convertible Rls in different AWS Regions.
C. Users can sell and buy Convertible Rls on the AWS Marketplace.
D. Users can shorten the term of their Convertible Rls by merging them with other Convertible Rls.
Answer: A
NEW QUESTION 477
- (Exam Topic 3)
A company is designing a web application that will run on Amazon EC2 instances.
Which AWS services and features will improve availability and reduce the impact of failures for this application? (Choose two.)
A. Amazon EC2 Auto Scaling for the EC2 instances
B. VPC subnet ACLs to check the health of a service
C. Resources that are distributed across multiple Availability Zones
D. Configuration of AWS Server Migration Service (AWS SMS) to move the EC2 instances to a different AWS Region
E. Resources that are distributed across multiple AWS points of presence
Answer: AC
NEW QUESTION 478
- (Exam Topic 3)
Which activity is considered out of scope for AWS Support?
A. Solving problems detected by Amazon EC2 health checks
B. Answering ‘’how to’’ question on AWS services and features
C. Troubleshooting AWS APIs
D. Tuning database queries
Answer: C
NEW QUESTION 481
- (Exam Topic 3)
Which of the following are characteristics of a serverless application that runs in the AWS Cloud? (Select TWO.)
A. Users must manually configure Amazon EC2 instances.
B. Users have a choice of operating systems.
C. The application has built-in fault tolerance
D. Users can run Amazon EC2 Spot Instances.
E. The application can scale based on demand.
Answer: AE
NEW QUESTION 486
- (Exam Topic 3)
Which of the following is an advantage that the AWS Cloud provides to users?
A. Users eliminate the need to guess about infrastructure capacity requirements.
B. Users decrease their variable costs by maintaining sole ownership of IT hardware.
C. Users maintain control of underlying IT infrastructure hardware.
D. Users maintain control of operating system for managed services.
Answer: A
NEW QUESTION 488
- (Exam Topic 3)
How does the AWS Cloud help companies build agility into their processes and cloud infrastructure?
A. Companies can avoid provisioning too much capacity when they do not know how much capacity is required.
B. Companies can expand into new geographic regions.
C. Companies can access a range of technologies to experiment and innovate quickly.
D. Companies can pay for IT resources only when they use the resources.
Answer: C
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
NEW QUESTION 491
- (Exam Topic 3)
A company is defining its AWS multi-account strategy. The company needs to control access to AWS services and needs to consolidate billing across accounts.
Which AWS service should the company use to meet these requirements?
A. AWS Organizations
B. AWS Identity and Access Management (IAM)
C. AWS Billing and Cost Management
D. Amazon Cognito
Answer: A
NEW QUESTION 495
- (Exam Topic 3)
A company uses Amazon EC2 instances to run its web application. The company uses On-demand instances and Spot instances. The company needs to visualize
its monthly spending on both types of instances.
Which AWS service or feature will meet this requirement?
A. AWS Cost Explorer
B. AWS Budgets
C. Amazon CloudWatch
D. AWS Cost Categories
Answer: A
NEW QUESTION 497
- (Exam Topic 3)
How does the AWS global infrastructure offer high availability and fault tolerance to its users?
A. The AWS infrastructure is made up of multiple AWS Regions within various Availability Zones located in areas that have low flood risk, and are
interconnectedwith low-latency networks and redundant power supplies.
B. The AWS infrastructure consists of subnets containing various Availability Zones with multiple data centers located in the same geographic location.
C. AWS allows users to choose AWS Regions and data centers so that users can select the closest data centers in different Regions.
D. The AWS infrastructure consists of isolated AWS Regions with independent Availability Zones that are connected with low-latency networking and redundant
power supplies.
Answer: D
NEW QUESTION 501
- (Exam Topic 3)
Which AWS services can a company use to transfer on-premises data to the AWS Cloud? (Select TWO.)
A. AWS Snowcone
B. AWS Transit Gateway
C. AWS DataSync
D. AWS Backup
E. Amazon Connect
Answer: AC
NEW QUESTION 504
- (Exam Topic 3)
Using Amazon Elastic Container Service (Amazon ECS) to break down a monolithic architecture into microservices is an example of:
A. a loosely coupled architecture.
B. a tightly coupled architecture.
C. a stateless architecture.
D. a stateful architecture.
Answer: A
NEW QUESTION 508
- (Exam Topic 3)
Which AWS service helps users audit API activity across their AWS account?
A. AWS CloudTrail
B. Amazon Inspector
C. AWSWAF
D. AWS Config
Answer: A
NEW QUESTION 512
- (Exam Topic 3)
A company needs an AWS service that will continuously monitor the company's AWS account for suspicious activity. The service must have the ability to initiate
automated actions against threats that are identified in the security findings.
Which service will meet these requirements?
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
A. AWS Trusted Advisor
B. Amazon Detective
C. Amazon Inspector
D. Amazon GuardDuty
Answer: D
Explanation:
Amazon GuardDuty is a threat detection service that continuously monitors your AWS accounts and workloads for malicious activity and delivers detailed security
findings for visibility and remediation.
https://aws.amazon.com/guardduty/
NEW QUESTION 516
- (Exam Topic 3)
A cloud practitioner needs to design a NoSQL database that is highly scalable, is durable, and requires minimal maintenance. Which AWS service meets these
requirements?
A. Amazon RDS for MySQL
B. Microsoft SQL Server on Amazon EC2
C. Amazon DynamoDB
D. Amazon Redshift
Answer: C
NEW QUESTION 521
- (Exam Topic 3)
An ecommerce company has deployed a new web application on Amazon EC2 instances. The company wants to distribute incoming HTTP traffic evenly across all
running instances.
Which AWS service or resource will meet this requirement?
A. Amazon EC2 Auto Scaling
B. Application Load Balancer
C. Gateway Load Balancer
D. Network Load Balancer
Answer: B
NEW QUESTION 523
- (Exam Topic 3)
A company has an application that stores a high volume of unstructured data and session history. The company needs to scale the application reliably to millions
of concurrent users while ensuring consistent low latency.
Which AWS service meets these requirements?
A. Amazon RDS for MariaDB
B. Amazon DynamoDB
C. Amazon RDS for SQL Server
D. Amazon Redshift
Answer: B
NEW QUESTION 526
- (Exam Topic 3)
A company suspects that its AWS resources are being used for illegal activities. Which AWS group or team should the company notify?
A. AWS Abuse team
B. AWS Support team
C. AWS technical account managers
D. AWS Professional Services team
Answer: A
Explanation:
"If you suspect that AWS resources are used for abusive purposes, contact the AWS Trust & Safety team using the Report Amazon AWS abuse form, or by
contacting [email protected]. Provide all the necessary information, including logs in plaintext, email headers, and so on, when you submit your request.
Note: AWS Support can't assist with reports of abuse or questions about notifications from the AWS Trust & Safety team. If you have questions for the AWS Trust
& Safety team, reply directly to their email.
NEW QUESTION 528
- (Exam Topic 3)
Which AWS services or features provide disaster recovery solutions for Amazon EC2 instances? (Select TWO.)
A. EC2 Reserved Instances
B. EC2 Amazon Machine Images (AMIs)
C. Amazon Elastic Block Store (Amazon EBS) snapshots
D. AWS Shield
E. Amazon GuardDuty
Answer: BC
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
Explanation:
https://docs.aws.amazon.com/whitepapers/latest/disaster-recovery-workloads-on-aws/disaster-recovery-options- You can back up Amazon EC2 instances used by
your workload as Amazon Machine Images (AMIs). The AMI is created from snapshots of your instance's root volume and any other EBS volumes attached to your
instance. You can use this AMI to launch a restored version of the EC2 instance
NEW QUESTION 531
- (Exam Topic 3)
A company wants to build an application that consists entirely of microservices. Which AWS Cloud architecture design principle supports this goal?
A. Think parallel
B. Implement elasticity
C. Stop guessing capacity
D. Decouple components
Answer: D
NEW QUESTION 532
......
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Recommend!! Get the Full CLF-C02 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/CLF-C02-exam-dumps.html (120 New Questions)
Thank You for Trying Our Product
We offer two products:
1st - We have Practice Tests Software with Actual Exam Questions
2nd - Questons and Answers in PDF Format
CLF-C02 Practice Exam Features:
* CLF-C02 Questions and Answers Updated Frequently
* CLF-C02 Practice Questions Verified by Expert Senior Certified Staff
* CLF-C02 Most Realistic Questions that Guarantee you a Pass on Your FirstTry
* CLF-C02 Practice Test Questions in Multiple Choice Formats and Updatesfor 1 Year
100% Actual & Verified — Instant Download, Please Click
Order The CLF-C02 Practice Test Here
Passing Certification Exams Made Easy visit - https://www.surepassexam.com
Powered by TCPDF (www.tcpdf.org)
You might also like
- Amazon Web Services Actualtests clf-c02 Rapidshare 2023-Dec-03 by Clyde 57q VceNo ratings yetAmazon Web Services Actualtests clf-c02 Rapidshare 2023-Dec-03 by Clyde 57q Vce20 pages
- Real Exam Practice Question Aws CCP 201 - 300No ratings yetReal Exam Practice Question Aws CCP 201 - 30023 pages
- CCP Exam Question Bank 1 (No Answers - Just Plain)No ratings yetCCP Exam Question Bank 1 (No Answers - Just Plain)24 pages
- AWS Certified Cloud Practitioner CLF C02 Exam Exam Q&as, Page 1100% (1)AWS Certified Cloud Practitioner CLF C02 Exam Exam Q&as, Page 1148 pages
- AWS Certified Cloud Practitioner CLF-C02 Exam100% (2)AWS Certified Cloud Practitioner CLF-C02 Exam82 pages
- AWS Certified Cloud Practitioner CLF-C02 p1..No ratings yetAWS Certified Cloud Practitioner CLF-C02 p1..14 pages
- AWS Cloud Practitioner - Practice QuestionsNo ratings yetAWS Cloud Practitioner - Practice Questions97 pages
- AWS Certified Cloud Practitioner CLF-C02 Exam - F100% (3)AWS Certified Cloud Practitioner CLF-C02 Exam - F291 pages
- AWS Cloud Services and Best Practices QuizNo ratings yetAWS Cloud Services and Best Practices Quiz18 pages
- La Matrix - Manual Del Usuario - Fabian O. OlazNo ratings yetLa Matrix - Manual Del Usuario - Fabian O. Olaz363 pages
- C Programming Unit-5 User Defined FunctionsNo ratings yetC Programming Unit-5 User Defined Functions26 pages
- Programming Fundamentals Using C++ Question Paper 2016 - TutorialsduniyaNo ratings yetProgramming Fundamentals Using C++ Question Paper 2016 - Tutorialsduniya13 pages
- Chapter - PLC Operation: Keyboard (Input) X 8 6 CPU Serial Mouse (Input) SVGA Screen (Output)No ratings yetChapter - PLC Operation: Keyboard (Input) X 8 6 CPU Serial Mouse (Input) SVGA Screen (Output)8 pages
- Project Report: Hospital Management SystemNo ratings yetProject Report: Hospital Management System10 pages
