Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Free and Premium Amazon Web Services CLF-C02 Dumps Questions Answers

Page: 1 / 59
Total 785 questions

AWS Certified Cloud Practitioner Questions and Answers

Question 1

Which AWS service or feature will search for and identify AWS resources that are shared externally?

Options:

A.

Amazon OpenSearch Service

B.

AWS Control Tower

C.

AWS IAM Access Analyzer

D.

AWS Fargate

Buy Now
Question 2

What is the purpose of having an internet gateway within a VPC?

Options:

A.

To create a VPN connection to the VPC

B.

To allow communication between the VPC and the internet

C.

To impose bandwidth constraints on internet traffic

D.

To load balance traffic from the internet across Amazon EC2 instances

Question 3

Which AWS service or feature can be used to create a private connection between an on-premises workload and an AWS Cloud workload?

Options:

A.

Amazon Route 53

B.

Amazon Macie

C.

AWS Direct Connect

D.

AWS PrivaleLink

Question 4

A company has an application that runs periodically in an on-premises environment. The application runs for a few hours most days, but runs for 8 hours a day for a week at the end of each month.

Which AWS service or feature should be used to host the application in the AWS Cloud?

Options:

A.

Amazon EC2 Standard Reserved Instances

B.

Amazon EC2 On-Demand Instances

C.

AWS Wavelength

D.

Application Load Balancer

Question 5

Which options are AWS Cloud Adoption Framework (AWS CAF) cloud transformation journey

recommendations? (Select TWO.)

Options:

A.

Envision phase

B.

Align phase

C.

Assess phase

D.

Mobilize phase

E.

Migrate and modernize phase

Question 6

A user needs a relational database but does not have the resources to manage the hardware, resiliency, and replication.

Which AWS service option meets the user's requirements'?

Options:

A.

Run MySQL on Amazon Elastic Container Service (Amazon ECS)

B.

Run MySQL on Amazon EC2

C.

Choose Amazon RDS for MySQL

D.

Choose Amazon ElastiCache for Redis

Question 7

A company wants to grant users in one AWS account access to resources in another AWS account. The users do not currently have permission to access the resources.

Which AWS service will meet this requirement?

Options:

A.

IAM group

B.

IAM role

C.

IAM tag

D.

IAM Access Analyzer

Question 8

A company wants its AWS usage to be more sustainable. The company wants to track, measure, review, and forecast polluting emissions that result from its AWS applications.

Which AWS service or tool can the company use to meet these requirements?

Options:

A.

AWS Health Dashboard

B.

AWS customer carbon footprint tool

C.

AWS Support Center

D.

Amazon QuickSight

Question 9

A systems administrator created a new 1AM user for a developer and assigned the user an access key instead of a user name and password. What is the access key used for?

Options:

A.

To access the AWS account as the AWS account root user

B.

To access the AWS account through the AWS Management Console

C.

To access the AWS account through a CLI

D.

To access all of a company's AWS accounts

Question 10

A company is migrating its workloads to the AWS Cloud. The company must retain full control of patch management for the guest operating systems that host its applications.

Which AWS service should the company use to meet these requirements?

Options:

A.

Amazon DynamoDB

B.

Amazon EC2

C.

AWS Lambda

D.

Amazon RDS

Question 11

Which AWS service can a company use to manage encryption keys in the cloud?

Options:

A.

AWS License Manager

B.

AWS Certificate Manager (ACM)

C.

AWS CloudHSM

D.

AWS Directory Service

Question 12

A company has deployed an application in the AWS Cloud. The company wants to ensure that the application is highly resilient.

Which component of AWS infrastructure can the company use to meet this requirement?

Options:

A.

Content delivery network (CDN)

B.

Edge locations

C.

Wavelength Zones

D.

Availability Zones

Question 13

Which AWS compute service gives users the ability to securely and reliably run containers at scale?

Options:

A.

Amazon Elastic Container Service (Amazon ECS)

B.

Amazon Aurora

C.

Amazon Athena

D.

Amazon Polly

Question 14

A company's gaming application has been gaining popularity. There has been high demand for the gaming application in countries where the company does not currently deploy the application.

Which advantage of the AWS Cloud can help the company to deploy the application to more countries around the world?

Options:

A.

Increase speed and agility

B.

Go global in minutes

C.

Trade fixed expense for variable expense

D.

Benefit from massive economies of scale

Question 15

Which AWS service can a company use to visually design and build serverless applications?

Options:

A.

AWS Lambda

B.

AWS Batch

C.

AWS Application Composer

D.

AWS App Runner

Question 16

A company wants to migrate its database to a managed AWS service that is compatible with PostgreSQL.

Which AWS services will meet these requirements? (Select TWO)

Options:

A.

Amazon Athena

B.

Amazon RDS

C.

Amazon EC2

D.

Amazon DynamoDB

E.

Amazon Aurora

Question 17

A company wants to design a reliable web application that is hosted on Amazon EC2.

Which approach will achieve this goal?

Options:

A.

Launch large EC2 instances in the same Availability Zone.

B.

Spread EC2 instances across more than one security group.

C.

Spread EC2 instances across more than one Availability Zone.

D.

Use an Amazon Machine Image (AMI) from AWS Marketplace.

Question 18

A company is migrating its data center to AWS. The company needs an AWS Support plan that provides chat access to a cloud sup engineer 24 hours a day, 7 days a week. The company does not require access to infrastructure event management.

What is the MOST cost-effective AWS Support plan that meets these requirements?

Options:

A.

AWS Enterprise Support

B.

AWS Business Support

C.

AWS Developer Support

D.

AWS Basic Support

Question 19

A company Is designing its AWS workloads so that components can be updated regularly and so that changes can be made in small, reversible increments.

Which pillar of the AWS Well-Architected Framework does this design support?

Options:

A.

Security

B.

Performance efficiency

C.

Operational excellence

D.

Reliability

Question 20

A company wants to allow users to authenticate and authorize multiple AWS accounts by using a single set of credentials.

Which AWS service or resource will meet this requirement?

Options:

A.

AWS Organizations

B.

IAM user

C.

AWS IAM Identity Center (AWS Single Sign-On)

D.

AWS Control Tower

Question 21

Which task is the customer's responsibility, according to the AWS shared responsibility model?

Options:

A.

Patch a guest operating system that is deployed on an Amazon EC2 instance.

B.

Control physical access to an AWS data center

C.

Control access to AWS underlying hardware.

D.

Patch a host operating system that is deployed on Amazon S3.

Question 22

How does the AWS Enterprise Support Concierge team help users?

Options:

A.

Supporting application development

B.

Providing architecture guidance

C.

Answering billing and account inquiries

D.

Answering questions regarding technical support cases

Question 23

Which tasks are responsibilities of the customer, according to the AWS shared responsibility model? (Select TWO.)

Options:

A.

Secure the virilization layer.

B.

Encrypt data and maintain data integrity.

C.

Patch the Amazon RDS operating system.

D.

Maintain identity and access management controls.

E.

Secure Availability Zones.

Question 24

A company migrated to the AWS Cloud. Now the company pays for services on an as-needed basis.

Which advantage of cloud computing is the company benefiting from?

Options:

A.

Stop spending money running and maintaining data centers

B.

Increase speed and agility

C.

Go global in minutes

D.

Trade fixed expense for variable expense

Question 25

A company wants its Amazon EC2 instances to be in different locations but share the same geographic area. The company also wants to use multiple power grids and independent networking connectivity for the EC2 instances.

Which solution meets these requirements?

Options:

A.

Use EC2 instances in multiple edge locations in the same AWS Region.

B.

Use EC2 instances in multiple Availability Zones in the same AWS Region.

C.

Use EC2 instances in multiple Amazon Connect locations in the same AWS Region

D.

Use EC2 instances in multiple AWS Artifact locations in the same AWS Region.

Question 26

Which AWS services are supported by Savings Plans? (Select TWO.)

Options:

A.

Amazon EC2

B.

Amazon RDS

C.

Amazon SageMaker

D.

Amazon Redshift

E.

Amazon DynamoDB

Question 27

In the AWS shared responsibility model, which tasks are the responsibility of AWS? (Select TWO.)

Options:

A.

Patch an Amazon EC2 instance operating system.

B.

Configure a security group.

C.

Monitor the health of an Availability Zone.

D.

Protect the infrastructure that runs Amazon EC2 instances.

E.

Manage access to the data in an Amazon S3 bucket

Question 28

A company needs to perform data processing once a week that typically takes about 5 hours to complete. Which AWS service should the company use for this workload?

Options:

A.

AWS Lambda

B.

Amazon EC2

C.

AWS CodeDeploy

D.

AWS Wavelength

Question 29

A company has an on-premises application. The application has processing times of less than 5 minutes and is invoked only a few times each day. The company wants to move the application to the AWS Cloud.

Which AWS service will support this application MOST cost-effectively?

Options:

A.

Amazon Elastic Container Service (Amazon ECS)

B.

AWS Lambda

C.

Amazon Elastic Kubernetes Service (Amazon EKS)

D.

Amazon EC2

Question 30

Which option is a customer responsibility when using Amazon DynamoDB under the AWS Shared Responsibility Model?

Options:

A.

Physical security of DynamoDB

B.

Patching of DynamoDB

C.

Access to DynamoDB tables

D.

Encryption of data at rest in DynamoDB

Question 31

Which AWS service converts text to lifelike voices?

Options:

A.

Amazon Transcribe

B.

Amazon Rekognition

C.

Amazon Polly

D.

Amazon Textract

Question 32

Which AWS service supports a hybrid architecture that gives users the ability to extend AWS infrastructure, AWS services, APIs, and tools to data centers, co-location environments, or on-premises facilities?

Options:

A.

AWS Snowmobile

B.

AWS Local Zones

C.

AWS Outposts

D.

AWS Fargate

Question 33

Which of the following services can be used to block network traffic to an instance? (Select TWO.)

Options:

A.

Security groups

B.

Amazon Virtual Private Cloud (Amazon VPC) flow logs

C.

Network ACLs

D.

Amazon CloudWatch

E.

AWS CloudTrail

Question 34

Which task can only an AWS account root user perform?

Options:

A.

Changing the AWS Support plan

B.

Deleting AWS resources

C.

Creating an Amazon EC2 instance key pair

D.

Configuring AWS WAF

Question 35

Which task must a user perform by using the AWS account root user credentials?

Options:

A.

Make changes to AWS production resources.

B.

Change AWS Support plans.

C.

Access AWS Cost and Usage Reports.

D.

Grant auditors’ access to an AWS account for a compliance audit.

Question 36

A company wants high levels of detection and near-real-time (NRT) mitigation against large and sophisticated distributed denial of service (DDoS) attacks on applications running on AWS.

Which AWS service should the company use?

Options:

A.

Amazon GuardDuty

B.

Amazon Inspector

C.

AWS Shield Advanced

D.

Amazon Macie

Question 37

A company wants to provide one of its employees with access to Amazon RDS. The company also wants to limit the interaction to only the AWS CLl and AWS software development kits (SDKs).

Which combination of actions should the company take to meet these requirements while following the principles of least privilege? (Select TWO)

Options:

A.

Create an 1AM user and provide AWS Management Console access only.

B.

Create an 1AM user and provide programmatic access only.

C.

Create an 1AM role and provide AWS Management Console access only.

D.

Create an 1AM policy with administrator access and attach it to the 1AM user.

E.

Create an 1AM policy with Amazon RDS access and attach it to the 1AM user.

Question 38

A company has deployed applications on Amazon EC2 instances. The company needs to assess application vulnerabilities and must identify infrastructure deployments that do not meet best practices. Which AWS service can the company use to meet these requirements?

Options:

A.

AWS Trusted Advisor

B.

Amazon Inspector

C.

AWSConfig

D.

Amazon GuardDuty

Question 39

Which AWS service is always provided at no charge?

Options:

A.

Amazon S3

B.

AWS Identity and Access Management (IAM)

C.

Elastic Load Balancers

D.

AWS WAF

Question 40

A company needs a bridge between technology and business to help evolve to a culture of continuous growth and learning.

Which perspective in the AWS Cloud Adoption Framework (AWS CAF) serves as this bridge?

Options:

A.

People

B.

Governance

C.

Operations

D.

Security

Question 41

A company has migrated its workloads to AWS. The company wants to adopt AWS at scale and operate more efficiently and securely.

Which AWS service or framework should the company use for operational support?

Options:

A.

AWS Support

B.

AWS Cloud Adoption Framework (AWS CAF)

C.

AWS Managed Services (AMS)

D.

AWS Well-Architected Framework

Question 42

A company is planning to migrate to the AWS Cloud. The company is conducting organizational transformation and wants to become more responsive to customer inquiries and feedback.

Which tasks should the company perform to meet these requirements, according to the AWS Cloud Adoption

Framework (AWS CAF)? (Select TWO.)

Options:

A.

Realign teams to focus on products and value streams.

B.

Create new value propositions with new products and services.

C.

Use agile methods to rapidly iterate and evolve.

D.

Use a new data and analytics platform to create actionable insights.

E.

Migrate and modernize legacy infrastructure.

Question 43

Which service enables customers to audit API calls in their AWS accounts'?

Options:

A.

AWS CloudTrail

B.

AWS Trusted Advisor

C.

Amazon Inspector

D.

AWS X-Ray

Question 44

A company is running a reporting web server application on Amazon EC2 instances. The application runs once every week and once again at the end of the month. The EC2 instances can be shut down when they are not in use.

What is the MOST cost-effective billing model for this use case?

Options:

A.

Standard Reserved Instances

B.

Convertible Reserved Instances

C.

On-Demand Capacity Reservations

D.

On-Demand Instances

Question 45

A company has an application that produces unstructured data continuously. The company needs to store the data so that the data is durable and easy to query.

Which AWS service can the company use to meet these requirements?

Options:

A.

Amazon RDS

B.

Amazon Aurora

C.

Amazon QuickSight

D.

Amazon DynamoDB

Question 46

A company deployed an Amazon EC2 instance last week. A developer realizes that the EC2 instance is no longer running. The developer reviews a list of provisioned EC2 instances, and the EC2 instance is no longer on the list.

What can the developer do to generate a recent history of the EC2 instance?

Options:

A.

Run Cost Explorer to identify the start time and end time of the EC2 instance.

B.

Use Amazon Inspector to find out when the EC2 instance was stopped.

C.

Perform a search in AWS CloudTrail to find all EC2 instance-related events.

D.

Use AWS Secrets Manager to display hidden termination logs of the EC2 instance.

Question 47

A company wants to build a new web application by using AWS services. The application must meet the on-demand load for periods of heavy activity.

Which AWS services or resources provide the necessary workload adjustments to meet these requirements? (Select TWO.)

Options:

A.

Amazon Machine Image (AMI)

B.

Amazon EC2 Auto Scaling

C.

Amazon EC2 instance

D.

AWS Lambda

E.

EC2 Image Builder

Question 48

A company needs to block SOL injection attacks.

Which AWS service or feature provides this functionality?

Options:

A.

AWS WAF

B.

Network ACLs

C.

Security groups

D.

AWS Trusted Advisor

Question 49

Which AWS service provides this functionality?

Options:

A.

AWS IAM Identity Center (AWS Single Sign-On)

B.

AWS Systems Manager

C.

AWS Config

D.

AWS Control Tower

Question 50

A company wants to use a serverless compute service for an application. Which AWS service will meet this requirement?

Options:

A.

AWS Lambda

B.

AWS Cloud Formation

C.

AWS Elastic Beanstalk

D.

Elastic Load Balancing

Question 51

Which advantage of cloud computing allows users to scale resources up and down based on the amount of load that an application supports?

Options:

A.

Go global in minutes

B.

Stop guessing capacity

C.

Benefit from massive economies of scale

D.

Trade fixed expense for variable expense

Question 52

A company has deployed a web application to Amazon EC2 instances. The EC2 instances have low usage. Which AWS service or feature should lite company use in rightsized the FC? instances?

Options:

A.

AWS Config

B.

AWS Cost Anomaly Detection

C.

AWS Budgets

D.

AWS Compute Optimizer

Question 53

A company plans to perform a one-time migration of a large dataset with millions of files from its on-premises data center to the AWS Cloud.

Which AWS service should the company use for the migration?

Options:

A.

AWS Database Migration Service (AWS DMS)

B.

AWS DataSync

C.

AWS Migration Hub

D.

AWS Application Migration Service

Question 54

Which of the following are pillars of the AWS Well-Architected Framework? (Select TWO)

Options:

A.

High availability

B.

Performance efficiency

C.

Cost optimization

D.

Going global in minutes

E.

Continuous development

Question 55

A company wants to quickly implement a continuous integration/continuous delivery (CI/CD) pipeline.

Which AWS service will meet this requirement?

Options:

A.

AWS Config

B.

Amazon Cognito

C.

AWS DataSync

D.

AWS CodeStar

Question 56

A user has been granted permission to change their own IAM user password.

Which AWS services can the user use to change the password? (Select TWO.)

Options:

A.

AWS Command Line Interface (AWS CLI)

B.

AWS Key Management Service (AWS KMS)

C.

AWS Management Console

D.

AWS Resource Access Manager (AWS RAM)

E.

AWS Secrets Manager

Question 57

Which AWS feature provides a no-cost platform for AWS users to join community groups, ask questions, find answers, and read community-generated articles about best practices?

Options:

A.

AWS Knowledge Center

B.

AWS re:Post

C.

AWS 10

D.

AWS Enterprise Support

Question 58

A company wants to migrate its applications to the AWS Cloud. The company plans to identity and prioritize any business transformation opportunities and evaluate its AWS Cloud readiness. Which AWS service or tool should the company use to meet these requirements?

Options:

A.

AWS Cloud Adoption Framework (AWS CAF)

B.

AWS Managed Services (AMS)

C.

AWS Well-Architected Framework

D.

AWS Migration Hub

Question 59

A company wants to migrate critical on-premises production systems to Amazon EC2 instances. The production instances will be used for at least 3 years. The company wants a pricing option that will minimize cost.

Which solution will meet these requirements?

Options:

A.

On-Demand Instances

B.

Reserved Instances

C.

Spot Instances

D.

AWS Free Tier

Question 60

A company has a centralized group of users with large file storage requirements that have exceeded the space available on premises. The company wants to extend its file storage capabilities for this group while retaining the performance benefit of sharing content locally.

What is the MOST operationally efficient AWS solution for this scenario?

Options:

A.

Create an Amazon S3 bucket for each user. Mount each bucket by using an S3 file system mounting utility.

B.

Configure and deploy an AWS Storage Gateway file gateway. Connect each user's workstation to the file gateway.

C.

Move each user's working environment to Amazon Workspaces. Set up an Amazon WorkDocs account for each user.

D.

Deploy an Amazon EC2 instance and attach an Amazon Elastic Block Store (Amazon EBS) Provisioned IOPS volume. Share the EBS volume directly with the users.

Question 61

Which AWS service or feature offers security for a VPC by acting as a firewall to control traffic in and out of subnets?

Options:

A.

AWS Security Hub

B.

Security groups

C.

Network ACL

D.

AWSWAF

Question 62

For which use case are Amazon EC2 On-Demand Instances MOST cost-effective?

Options:

A.

Compute-intensive video transcoding that can be restarted it necessary

B.

An instance in continual use for 1 month to conduct quality assurance tests

C.

An instance that runs a web server that will run for 1 year

D.

An instance that runs a database that will run for 3 years

Question 63

A company needs to convert video files and audio files to a format that will play on smartphones.

Which AWS service will meet this requirement?

Options:

A.

Amazon Comprehend

B.

Amazon Rekognition

C.

Amazon Elastic Transcoder

D.

Amazon Polly

Question 64

Which cloud computing advantage is a company applying when it uses AWS Regions to increase application availability to users in different countries?

Options:

A.

Pay-as-you-go pricing

B.

Capacity forecasting

C.

Economies of scale

D.

Global reach

Question 65

Which perspective in the AWS Cloud Adoption Framework (AWS CAF) includes a capability for well-designed data and analytics architecture?

Options:

A.

Security

B.

Governance

C.

Operations

D.

Platform

Question 66

An ecommerce company wants to distribute traffic between the Amazon EC2 instances that host its website.

Which AWS service or resource will meet these requirements?

Options:

A.

Application Load Balancer

B.

AWS WAF

C.

AWS CloudHSM

D.

AWS Direct Connect

Question 67

A company will run a predictable compute workload on Amazon EC2 Instances for the next 3 years. The workload is critical for the company. The company wants to optimize costs to run the workload.

Which solution will meet these requirements?

Options:

A.

Spot Instances

B.

Dedicated Hosts

C.

Savings Plans

D.

On-Demand Instances

Question 68

Which AWS Cloud benefit is shown by an architecture’s ability to withstand failures with minimal downtime?

Options:

A.

Agility

B.

Elasticity

C.

Scalability

D.

High availability

Question 69

Which top-level key performance indicator (KPI) is available in AWS rightsizing recommendations of Cost Optimization?

Options:

A.

Container modernization opportunities

B.

Estimated monthly saving

C.

Reserved instances savings

D.

Compute savings recommendations

Question 70

A company wants to use guidelines from the AWS Well-Architected Framework to limit human error and facilitate consistent responses to events.

Which of the following is a Well-Architected design principle that will meet these requirements?

Options:

A.

Use AWS CodeDeploy.

B.

Perform operations as code.

C.

Migrate workloads to a Dedicated Host.

D.

Use AWS Compute Optimizer.

Question 71

Which complimentary AWS service or tool creates data-driven business cases for cloud planning?

Options:

A.

Migration Evaluator

B.

AWS Billing Conductor

C.

AWS Billing Console

D.

Amazon Forecast

Question 72

Which AWS service gives users the ability to discover and protect sensitive data that is stored in Amazon S3 buckets?

Options:

A.

Amazon Macie

B.

Amazon Detective

C.

Amazon GuardDuty

D.

AWS I AM Access Analyzer

Question 73

Which AWS service helps developers use loose coupling and reliable messaging between microservices?

Options:

A.

Elastic Load Balancing

B.

Amazon Simple Notification Service (Amazon SNS)

C.

Amazon CloudFront

D.

Amazon Simple Queue Service (Amazon SQS)

Question 74

An ecommerce company has deployed a new web application on Amazon EC2 Instances. The company wants to distribute incoming HTTP traffic evenly across all running instances.

Which AWS service or resource will meet this requirement?

Options:

A.

Amazon EC2 Auto Scaling

B.

Application Load Balancer

C.

Gateway Load Balancer

D.

Network Load Balancer

Question 75

Which tasks are customer responsibilities, according to the AWS shared responsibility model? (Select TWO.)

Options:

A.

Configure the AWS provided security group firewall.

B.

Classify company assets in the AWS Cloud.

C.

Determine which Availability Zones to use for Amazon S3 buckets.

D.

Patch or upgrade Amazon DynamoDB.

E.

Select Amazon EC2 instances to run AWS Lambda on.

F.

AWS Config

Question 76

Which of the following is a fully managed graph database service on AWS?

Options:

A.

Amazon Aurora

B.

Amazon FSx

C.

Amazon DynamoDB

D.

Amazon Neptune

Question 77

Which AWS Well-Architected Framework pillar focuses on structured and streamlined allocation of computing resources?

Options:

A.

Reliability

B.

Operational excellence

C.

Performance efficiency

D.

Sustainability

Question 78

A company wants to monitor for misconfigured security groups that are allowing unrestricted access to specific ports.

Which AWS service will meet this requirement?

Options:

A.

AWS Trusted Advisor

B.

Amazon CloudWatch

C.

Amazon GuardDuty

D.

AWS Health Dashboard

Question 79

A company wants to receive a notification when a specific AWS cost threshold is reached.

Which AWS services or tools can the company use to meet this requirement? (Select TWO.)

Options:

A.

Amazon Simple Queue Service (Amazon SQS)

B.

AWS Budgets

C.

Cost Explorer

D.

Amazon CloudWatch

E.

AWS Cost and Usage Report

Question 80

Which AWS services or tools are designed to protect a workload from SQL injections, cross-site scripting, and DDoS attacks? (Select TWO.)

Options:

A.

VPC endpoint

B.

Virtual private gateway

Q C. AWS Shield Standard

C.

AWS Config

D.

AWS WAF

Question 81

A company wants to migrate its applications to the AWS Cloud. The company plans to identify and prioritize any business transformation opportunities and evaluate its AWS Cloud readiness.

Which AWS service or tool should the company use to meet these requirements?

Options:

A.

AWS Cloud Adoption Framework (AWS CAF)

B.

AWS Managed Services (AMS)

C.

AWS Well-Architected Framework

D.

AWS Migration Hub

Question 82

Which AWS service provides a highly accurate and easy-to-use enterprise search service that is powered by machine learning (ML)?

Options:

A.

Amazon Kendra

B.

Amazon SageMaker

C.

Amazon Augmented Al (Amazon A2I)

D.

Amazon Polly

Question 83

A company wants to migrate its Microsoft SQL Server database management system from on premises to the AWS Cloud.

Which AWS service should the company use to reduce management overhead for this environment?

Options:

A.

Amazon Elastic Container Service (Amazon ECS)

B.

Amazon SageMaker

C.

Amazon RDS

D.

Amazon Athena

Question 84

Which controls are the responsibility of both AWS and AWS customers, according to the AWS shared responsibility model? (Select TWO.)

Options:

A.

Physical and environmental controls

B.

Patch management

C.

Configuration management

D.

Account structures

E.

Choice of the AWS Region where data is stored

Question 85

Which of the following is the customer's responsibility, according to the AWS shared responsibility model?

Options:

A.

Identity and access management

B.

Hard drive initialization

C.

Protection of data center hardware

D.

Security of Availability Zones

Question 86

A company is using AWS Organizations to configure AWS accounts.

A company is planning its migration to the AWS Cloud. The company is identifying its capability gaps by using the AWS Cloud Adoption Framework (AWS CAF) perspectives.

Which phase of the cloud transformation journey includes these identification activities?

Options:

A.

Envision

B.

Align

C.

Scale

D.

Launch

Question 87

A company needs to design a solution for the efficient use of compute resources for an enterprise workload. The company needs to make informed decisions as its technology needs evolve.

Which pillar of the AWS Well-Architected Framework do these requirements represent?

Options:

A.

Operational excellence

B.

Performance efficiency

C.

Cost optimization

D.

Reliability

Question 88

Which statements explain the business value of migration to the AWS Cloud? (Select TWO.)

Options:

A.

The migration of enterprise applications to the AWS Cloud makes these applications automatically available on mobile devices.

S B. AWS availability and security provide the ability to improve service level agreements (SLAs) while reducing risk and unplanned downtime.

B.

Companies that migrate to the AWS Cloud eliminate the need to plan for high availability and disaster recovery.

C.

Companies that migrate to the AWS Cloud reduce IT costs related to infrastructure, freeing budget for reinvestment in other

areas.

D.

Applications are modernized because migration to the AWS Cloud requires companies to rearchitect and rewrite all

enterprise applications.

Question 89

Which task is the responsibility of AWS when using AWS services?

Options:

A.

Management of IAM user permissions

B.

Creation of security group rules for outbound access

C.

Maintenance of physical and environmental controls

D.

Application of Amazon EC2 operating system patches

Question 90

A company wants to migrate its application to AWS. The company wants to replace upfront expenses with variable payment that is based on usage.

What should the company do to meet these requirements?

Options:

A.

Use pay-as-you-go pricing.

B.

Purchase Reserved Instances.

C.

Pay less by using more.

D.

Rightsize instances.

Question 91

A company has an AWS-hosted website located behind an Application Load Balancer. The company wants to safeguard the website from SQL injection or cross-site scripting.

Which AWS service should the company use?

Options:

A.

Amazon GuardDuty

B.

AWS WAF

C.

AWS Trusted Advisor

D.

Amazon Inspector

Question 92

What is an AWS responsibility under the AWS shared responsibility model?

Options:

A.

Configure the security group rules that determine which ports are open on an Amazon EC2 Linux instance.

B.

Ensure the security of the internal network in the AWS data centers.

C.

Patch the guest operating system with the latest security patches on Amazon EC2.

D.

Turn on server-side encryption for Amazon S3 buckets.

A company wants to deploy its critical application on AWS and maintain high availability.

Question 93

Which AWS service is designed to help users orchestrate a workflow process for a set of AWS Lambda functions?

Options:

A.

Amazon DynamoDB

B.

AWS CodePipeline

C.

AWS Batch

D.

AWS Step Functions

Question 94

A company plans to migrate its on-premises workload to AWS. Before the migration, the company needs to estimate its future AWS service costs.

Which AWS service or tool should the company use to meet this requirement?

Options:

A.

AWS Trusted Advisor

B.

AWS Budgets

C.

AWS Pricing Calculator

D.

AWS Cost Explorer

Question 95

Which AWS service provides the SIMPLEST way for the company to establish a website on AWS?

Options:

A.

Amazon Elastic File System (Amazon EFS)

B.

AWS Elastic Beanstalk

C.

AWS Lambda

D.

Amazon Lightsail

Question 96

A company wants to create multiple isolated networks in the same AWS account.

Which AWS service or component will provide this functionality?

Options:

A.

AWS Transit Gateway

B.

Internet gateway

C.

Amazon VPC

D.

Amazon EC2

Question 97

A company is preparing to launch a redesigned website on AWS. Users from around the world will download digital handbooks from the website.

Which AWS solution should the company use to provide these static files securely?

Options:

A.

Amazon Kinesis Data Streams

B.

Amazon CloudFront with Amazon S3

C.

Amazon EC2 instances with an Application Load Balancer

D.

Amazon Elastic File System (Amazon EFS)

Question 98

A company is building an application that will receive millions of database queries each second. The company needs the data store for the application to scale to meet these needs.

Which AWS service will meet this requirement?

Options:

A.

Amazon DynamoDB

B.

AWS Cloud9

C.

Amazon ElastiCache for Memcached

D.

Amazon Neptune

Question 99

Which service is an AWS in-memory data store service?

Options:

A.

Amazon Aurora

B.

Amazon RDS

C.

Amazon DynamoDB

D.

Amazon ElastiCache

Question 100

A company wants to push VPC Flow Logs to an Amazon S3 bucket.

A company wants to optimize long-term compute costs of AWS Lambda functions and Amazon EC2 instances.

Which AWS purchasing option should the company choose to meet these requirements?

Options:

A.

Dedicated Hosts

B.

Compute Savings Plans

C.

Reserved Instances

D.

Spot Instances

Question 101

A company has an application workload that is stateless by design and can sustain occasional downtime. The application performs massively parallel computations.

Which Amazon EC2 pricing model should the company choose for its application to reduce cost?

Options:

A.

On-Demand Instances

B.

Spot Instances

C.

Reserved Instances

D.

Dedicated Instances

Question 102

How should the company deploy the application to meet these requirements?

Options:

A.

Ina single Availability Zone

B.

On AWS Direct Connect

C.

On Reserved Instances

D.

In multiple Availability Zones

Question 103

A company wants guidance to optimize the cost and performance of its current AWS environment.

Which AWS service or tool should the company use to identify areas for optimization?

Options:

A.

Amazon QuickSight

B.

AWS Trusted Advisor

C.

AWS Organizations

D.

AWS Budgets

Question 104

Which aspect of security is the customer's responsibility, according to the AWS shared responsibility model?

Options:

A.

Patch and configuration management

B.

Service and communications protection or zone security

C.

Physical and environmental controls

D.

Awareness and training

Question 105

A new AWS user who has little cloud experience wants to build an application by using AWS services. The user wants to learn how to implement specific AWS services from other customer examples. The user also wants to ask questions to AWS experts.

Which AWS service or resource will meet these requirements?

Options:

A.

AWS Online Tech Talks

B.

AWS documentation

C.

AWS Marketplace

D.

AWS Health Dashboard

Question 106

A company provides a software as a service (SaaS) application. The company has a new customer that is based in a different country.

The new customer's data needs to be hosted in that country.

Which AWS service or infrastructure component should the company use to meet this requirement?

Options:

A.

AWS Shield

B.

Amazon S3 Object Lock

C.

AWS Regions

D.

Placement groups

Question 107

A company wants to use Amazon EC2 instances for a stable production workload that will run for 1 year.

Which instance purchasing option meets these requirements MOST cost-effectively?

Options:

A.

Dedicated Hosts

B.

Reserved Instances

C.

On-Demand Instances

D.

Spot Instances

Question 108

A company needs to host a web server on Amazon EC2 instances for at least 1 year. The web server cannot tolerate interruption.

Which EC2 instance purchasing option will meet these requirements MOST cost-effectively?

Options:

A.

On-Demand Instances

B.

Partial Upfront Reserved Instances

C.

Spot Instances

D.

No Upfront Reserved Instances

Question 109

A company has set up a VPC in its AWS account and has created a subnet in the VPC. The company wants to make the subnet public.

Which AWS features should the company use to meet this requirement? (Select TWO.)

Options:

A.

Amazon VPC internet gateway

B.

Amazon VPC NAT gateway

C.

Amazon VPC route tables

D.

Amazon VPC network ACL

E.

Amazon EC2 security groups

Question 110

A company has an Amazon S3 bucket containing images of scanned financial invoices. The company is building an artificial intelligence (Al)-based application on AWS. The company wants the application to identify and read total balance amounts on the invoices.

Which AWS service will meet these requirements?

Options:

A.

Amazon Forecast

B.

Amazon Textract

C.

Amazon Rekognition

D.

Amazon Lex

Question 111

A company manages factory machines in real time. The company wants to use AWS technology to deploy its monitoring applications as close to the factory machines as possible.

Which AWS solution will meet these requirements with the LEAST latency?

Options:

A.

AWS Outposts

B.

Amazon EC2

C.

AWS App Runner

D.

AWS Batch

Question 112

Which task can a company perform by using security groups in the AWS Cloud?

Options:

A.

Allow access to an Amazon EC2 instance through only a specific port.

B.

Deny access to malicious IP addresses at a subnet level.

C.

Protect data that is cached by Amazon CloudFront.

D.

Apply a stateless firewall to an Amazon EC2 instance.

Question 113

A company wants to implement controls (guardrails) in a newly created AWS Control Tower landing zone.

Which AWS services or features can the company use to create and define these controls (guardrails)? (Select TWO.)

Options:

A.

AWS Config

B.

Service control policies (SCPs)

C.

Amazon GuardDuty

D.

AWS Identity and Access Management (IAM)

E.

Security groups

Question 114

Which benefit of AWS Cloud computing provides lower latency between users and applications?

Options:

A.

Agility

B.

Economies of scale

C.

Global reach

D.

Pay-as-you-go pricing

Question 115

A company needs Amazon EC2 instances for a workload that can tolerate interruptions.

Which EC2 instance purchasing option meets this requirement with the LARGEST discount compared to On-Demand prices?

Options:

A.

Spot Instances

B.

Convertible Reserved Instances

C.

Standard Reserved Instances

D.

Dedicated Hosts

Question 116

Which of the following is entirely the responsibility of AWS, according to the AWS shared responsibility model?

Options:

A.

Security awareness and training

B.

Development of an IAM password policy

C.

Patching of the guest operating system

D.

Physical and environmental controls

Question 117

A company has an environment that includes Amazon EC2 instances, Amazon Lightsail, and on-premises servers. The company wants to automate the security updates for its operating systems and applications.

Which solution will meet these requirements with the LEAST operational effort?

Options:

A.

Use AWS Shield to identify and manage security events.

B.

Connect to each server by using a remote desktop connection. Run an update script.

C.

Use the AWS Systems Manager Patch Manager capability.

D.

Schedule Amazon GuardDuty to run on a nightly basis.

Question 118

A company wants to migrate its on-premises application to the AWS Cloud. The company is legally obligated to retain certain data in its onpremises data center.

Which AWS service or feature will support this requirement?

Options:

A.

AWS Wavelength

B.

AWS Local Zones

C.

VMware Cloud on AWS

D.

AWS Outposts

Question 119

Which options are perspectives that include foundational capabilities of the AWS Cloud Adoption Framework (AWS CAF)? (Select TWO.)

Options:

A.

Sustainability

B.

Security

C.

Operations

D.

Performance efficiency

E.

Reliability

Question 120

A company is planning a migration to the AWS Cloud and wants to examine the costs that are associated with different workloads.

Which AWS tool will meet these requirements?

Options:

A.

AWS Budgets

B.

AWS Cost Explorer

C.

AWS Pricing Calculator

D.

AWS Cost and Usage Report

Question 121

Which AWS services allow users to monitor and retain records of account activities that include governance, compliance, and auditing?

(Select TWO.)

Options:

A.

Amazon CloudWatch

B.

AWS CloudTrail

C.

Amazon GuardDuty

D.

AWS Shield

E.

AWS WAF

Question 122

What does "security of the cloud" refer to in the AWS shared responsibility model?

Options:

A.

Availability of AWS services such as Amazon EC2

B.

Security of the cloud infrastructure that runs all the AWS services

C.

Implementation of password policies for IAM users

D.

Security of customer environments by using AWS Network Firewall partners

Question 123

Which AWS service is used to temporarily provide federated security credentials to a

Options:

A.

Amazon GuardDuty

B.

AWS Simple Token Service (AWS STS)

C.

AWS Secrets Manager

D.

AWS Certificate Manager

Question 124

A company wants to run its production workloads on AWS. The company needs concierge service, a designated AWS technical account manager (TAM), and technical support that is available 24 hours a day, 7 days a week.

Which AWS Support plan will meet these requirements?

Options:

A.

AWS Basic Support

B.

AWS Enterprise Support

C.

AWS Business Support

D.

AWS Developer Support

Question 125

A large company has multiple departments. Each department has its own AWS account. Each department has purchased Amazon EC2 Reserved Instances. Some departments do not use all the Reserved Instances that they purchased, and other departments need more Reserved Instances than they purchased.

The company needs to manage the AWS accounts for all the departments so that the departments can share the Reserved Instances.

Which AWS service or tool should the company use to meet these requirements?

Options:

A.

AWS Systems Manager

B.

Cost Explorer

C.

AWS Trusted Advisor

D.

AWS Organizations

Question 126

A company needs to launch an Amazon EC2 instance.

Which of the following can the company use during the launch process to configure the root volume of the EC2 instance?

Options:

A.

Amazon EC2 Auto Scaling

B.

Amazon Data Lifecycle Manager (Amazon DLM)

C.

Amazon Machine Image (AMI)

D.

Amazon Elastic Block Store (Amazon EBS) volume

Question 127

Which AWS service requires the customer to patch the guest operating system?

Options:

A.

AWS Lambda

B.

Amazon OpenSearch Service

C.

Amazon EC2

D.

Amazon ElastiCache

Question 128

Which AWS service offers a global content delivery network (CDN) that helps companies securely deliver websites, videos, applications,

and APIs at high speeds with low latency?

Options:

A.

Amazon EC2

B.

Amazon CloudFront

C.

Amazon CloudWatch

D.

AWS CloudFormation

Question 129

A company that is planning to migrate to the AWS Cloud is based in an isolated area that has limited internet connectivity. The company needs to perform local data processing on premises. The company needs a solution that can operate without a stable internet connection.

Which AWS service will meet these requirements?

Options:

A.

Amazon S3

B.

AWS Snowball Edge

C.

AWS StorageGateway

D.

AWS Backup

Question 130

A company wants to use Amazon EC2 instances to run a stateless and restartable process after business hours.

Which AWS service provides DNS resolution?

Options:

A.

Amazon CloudFront

B.

Amazon VPC

C.

Amazon Route 53

D.

AWS Direct Connect

Question 131

A company suspects that its AWS resources are being used for illegal activities.

Which AWS group or team should the company notify?

Options:

A.

AWS Abuse team

B.

AWS Support team

C.

AWS technical account managers

D.

AWS Professional Services team

Question 132

A company is hosting a web application on Amazon EC2 instances. The company wants to implement custom conditions to filter and control inbound web traffic.

Which AWS service will meet these requirements?

Options:

A.

Amazon GuardDuty

B.

AWSWAF

C.

Amazon Macie

D.

AWS Shield

Question 133

A company wants to move its data warehouse application to the AWS Cloud. The company wants to run and scale its analytics services without needing to provision and manage data warehouse clusters.

Which AWS service will meet these requirements?

Options:

A.

Amazon Redshift provisioned data warehouse

B.

Amazon Redshift Serverless

C.

Amazon Athena

D.

Amazon S3

Question 134

Which AWS service or tool helps companies measure the environmental impact of their AWS usage?

Options:

A.

AWS customer carbon footprint tool

B.

AWS Compute Optimizer

C.

Sustainability pillar

D.

OS-Climate (Open Source Climate Data Commons)

Question 135

A company wants to migrate to the AWS Cloud. The company needs the ability to acquire resources when the resources are necessary.

The company also needs the ability to release those resources when the resources are no longer necessary.

Which architecture concept of the AWS Cloud meets these requirements?

Options:

A.

Elasticity

B.

Availability

C.

Reliability

D.

Durability

Question 136

Which design principles should a company apply to AWS Cloud workloads to maximize sustainability and minimize environmental impact? (Select TWO.)

Options:

A.

Maximize utilization of Amazon EC2 instances.

B.

Minimize utilization of Amazon EC2 instances.

C.

Minimize usage of managed services.

D.

Force frequent application reinstallations by users.

E.

Reduce the need for users to reinstall applications.

Question 137

An application runs on multiple Amazon EC2 instances that access a shared file system simultaneously.

Which AWS storage service should be used?

Options:

A.

Amazon EBS

B.

Amazon EFS

C.

Amazon S3

D.

AWS Artifact

Question 138

A company needs to host a highly available application in the AWS Cloud. The application runs infrequently for short periods of time.

Which AWS service will meet these requirements with the LEAST amount of operational overhead?

Options:

A.

Amazon EC2

B.

AWS Fargate

C.

AWS Lambda

D.

Amazon Aurora

Question 139

A retail company has recently migrated its website to AWS. The company wants to ensure that it is protected from SQL injection attacks. The website uses an Application Load Balancer to distribute traffic to multiple Amazon EC2 instances.

Which AWS service or feature can be used to create a custom rule that blocks SQL injection attacks?

Options:

A.

Security groups

B.

AWS WAF

C.

Network ACLs

D.

AWS Shield

Question 140

A company is running an application on AWS. The company wants to identify and prevent the accidental

Which AWS service or feature will meet these requirements?

Options:

A.

Amazon GuardDuty

B.

Network ACL

C.

AWS WAF

D.

AWS Network Firewall

Question 141

Which AWS service can a company use to securely store and encrypt passwords for a database?

Options:

A.

AWS Shield

B.

AWS Secrets Manager

C.

AWS Identity and Access Management (IAM)

D.

Amazon Cognito

Question 142

Which AWS service can defend against DDoS attacks?

Options:

A.

AWS Firewall Manager

B.

AWS Shield Standard

C.

AWS WAF

D.

Amazon Inspector

Question 143

Which AWS service or tool offers consolidated billing?

Options:

A.

AWS Artifact

B.

AWS Budgets

C.

AWS Organizations

D.

AWS Trusted Advisor

A company wants to limit its employees' AWS access to a portfolio of predefined AWS resources.

Question 144

A company wants to improve its security and audit posture by limiting Amazon EC2 inbound access.

According to the AWS shared responsibility model, which task is the responsibility of the customer?

Options:

A.

Protect the global infrastructure that runs all of the services offered in the AWS Cloud.

B.

Configure logical access controls for resources, and protect account credentials.

C.

Configure the security used by managed services.

D.

Patch and back up Amazon Aurora.

Question 145

A company must store call recordings for 6 years. The storage system should be highly durable and cost-effective.

Which AWS service meets these requirements?

Options:

A.

AWS Snowball

B.

Amazon S3

C.

AWS Storage Gateway

D.

Amazon Kinesis

Question 146

Which AWS service or tool provides recommendations to help users get rightsized Amazon EC2 instances based on historical workload usage data?

Options:

A.

AWS Pricing Calculator

B.

AWS Compute Optimizer

C.

AWS App Runner

D.

AWS Systems Manager

Question 147

A company wants to access a report about the estimated environmental impact of the company's AWS usage.

Which AWS service or feature should the company use to meet this requirement?

Options:

A.

AWS Organizations

B.

IAM policy

C.

AWS Billing console

D.

Amazon Simple Notification Service (Amazon SNS)

Question 148

A company wants to securely store Amazon RDS database credentials and automatically rotate user passwords periodically.

Which AWS service or capability will meet these requirements?

Options:

A.

Amazon S3

B.

AWS Systems Manager Parameter Store

C.

AWS Secrets Manager

D.

AWS CloudTrail

Question 149

Which options are common stakeholders for the AWS Cloud Adoption Framework (AWS CAF) platform perspective? (Select TWO.)

Options:

A.

Chief financial officers (CFOs)

B.

IT architects

C.

Chief information officers (CIOs)

D.

Chief data officers (CDOs)

E.

Engineers

Question 150

Which AWS service is designed to help users build conversational interfaces into applications using voice and text?

Options:

A.

Amazon Lex

B.

Amazon Transcribe

C.

Amazon Comprehend

D.

Amazon Timestream

Question 151

A company runs a database on Amazon Aurora in the us-east-1 Region. The company has a disaster recovery requirement that the database be available in another Region.

Which solution meets this requirement with minimal disruption to the database operations?

Options:

A.

Perform an Aurora Multi-AZ deployment.

B.

Deploy Aurora cross-Region read replicas.

C.

Create Amazon Elastic Block Store (Amazon EBS) volume snapshots for Aurora and copy them to another Region.

D.

Deploy Aurora Replicas.

Question 152

A company provides a web-based ecommerce service that runs in two Availability Zones within a single AWS Region. The web service distributes content that is stored in the Amazon S3 Standard storage class. The company wants to improve the web service's performance globally.

What should the company do to meet this requirement?

Options:

A.

Change the S3 storage class to S3 Intelligent-Tiering.

B.

Deploy an Amazon CloudFront distribution to cache web server content in edge locations.

C.

Use Amazon API Gateway for the web service.

D.

Migrate the website ecommerce servers to Amazon EC2 with enhanced networking.

Question 153

A company migrated its core application onto multiple workloads in the AWS Cloud. The company wants to improve the application's reliability.

Which cloud design principle should the company implement to achieve this goal?

Options:

A.

Maximize utilization.

B.

Decouple the components.

C.

Rightsize the resources.

D.

Adopt a consumption model.

Question 154

A company wants to create a chatbot and integrate the chatbot with its current web application.

Which AWS service will meet these requirements?

Options:

A.

AmazonKendra

B.

Amazon Lex

C.

AmazonTextract

D.

AmazonPolly

Question 155

A company moves a workload to AWS to run on Amazon EC2 instances. The company needs to run the workload in the most cost-effective way.

What can the company do to meet this requirement?

Options:

A.

Use AWS Key Management Service (AWS KMS).

B.

Use multiple AWS accounts and consolidated billing.

C.

Use AWS CloudFormation to deploy the infrastructure.

D.

Rightsized all the EC2 instances that are used in the deployment.

Question 156

A company wants to develop a shopping application that records customer orders. The application needs to use an AWS managed database service to store data.

Which AWS service should the company use to meet these requirements?

Options:

A.

Amazon RDS

B.

Amazon Redshift

C.

Amazon ElastiCache

D.

Amazon Neptune

Question 157

Which actions are examples of a company's effort to right size its AWS resources to control cloud costs? (Select TWO.)

Options:

A.

Switch from Amazon RDS to Amazon DynamoDB to accommodate NoSQL datasets.

Q B. Base the selection of Amazon EC2 instance types on past utilization patterns.

B.

Use Amazon S3 Lifecycle policies to move objects that users access infrequently to lower-cost storage tiers.

C.

Use Multi-AZ deployments for Amazon RDS.

D.

Replace existing Amazon EC2 instances with AWS Elastic Beanstalk.

Question 158

Which AWS services can a company use to host and run a MySQL database? (Select TWO.)

Options:

A.

Amazon RDS

B.

Amazon DynamoDB

C.

Amazon S3

D.

Amazon EC2

E.

Amazon MQ

Question 159

A company wants to track its AWS account's service costs. The company also wants to receive notifications when costs are forecasted to reach a specific level.

Which AWS service or tool provides this functionality?

Options:

A.

AWS Budgets

B.

AWS Cost Explorer

C.

Savings Plans

D.

AWS Billing Conductor

Question 160

Which task requires the use of AWS account root user credentials?

Options:

A.

The deletion of IAM users

B.

The change to a different AWS Support plan

C.

The creation of an organization in AWS Organizations

D.

The deletion of Amazon EC2 instances

Question 161

Which tasks are customer responsibilities according to the AWS shared responsibility model? (Select TWO.)

Options:

A.

Determine application dependencies with operating systems.

B.

Provide user access with AWS Identity and Access Management (IAM).

C.

Secure the data center in an Availability Zone.

D.

Patch the hypervisor.

E.

Provide network availability in Availability Zones.

Question 162

Which AWS service or feature is used to Troubleshoot network connectivity issues between Amazon EC2 instances?

Options:

A.

AWS Certificate Manager (ACM)

B.

Internet gateway

C.

VPC Flow Logs

D.

AWS CloudHSM

Question 163

Which AWS service meets this requirement?

Options:

A.

AWS CloudFormation

B.

AWS Elastic Beanstalk

C.

AWS Cloud9

D.

AWS CloudShell

Question 164

A company runs thousands of simultaneous simul-ations using AWS Batch. Each simul-ation is stateless, is fault tolerant, and runs for up to 3 hours.

Which pricing model enables the company to optimize costs and meet these requirements?

Options:

A.

Reserved Instances

B.

Spot Instances

C.

On-Demand Instances

D.

Dedicated Instances

Question 165

A company has a workload that requires data to be collected, analyzed, and stored on premises. The company wants to extend the use of AWS services to run on premises with access to the company network and the company's VPC.

Which AWS service meets this requirement?

Options:

A.

AWS Outposts

B.

AWS Storage Gateway

C.

AWS Direct Connect

D.

AWS Snowball

Question 166

Which database engine is compatible with Amazon RDS?

Options:

A.

Apache Cassandra

B.

MongoDB

C.

Neo4j

D.

PostgreSQL

Question 167

Which AWS service provides highly durable object storage?

Options:

A.

Amazon S3

B.

Amazon Elastic File System (Amazon EFS)

C.

Amazon Elastic Block Store (Amazon EBS)

D.

Amazon FSx

Question 168

Which AWS service can report how AWS resource configurations have changed over time?

Options:

A.

AWS CloudTrail

B.

Amazon CloudWatch

C.

AWS Config

D.

Amazon Inspector

Question 169

Which of the following are advantages of the AWS Cloud? (Select TWO.)

Options:

A.

Trade variable expenses for capital expenses

B.

High economies of scale

C.

Launch globally in minutes

D.

Focus on managing hardware infrastructure

E.

Overprovision to ensure capacity

Question 170

A company hosts an application on an Amazon EC2 instance. The EC2 instance needs to access several AWS resources, including Amazon S3 and Amazon DynamoDB.

What is the MOST operationally efficient solution to delegate permissions?

Options:

A.

Create an IAM role with the required permissions. Attach the role to the EC2 instance.

B.

Create an IAM user and use its access key and secret access key in the application.

C.

Create an IAM user and use its access key and secret access key to create a CLI profile in the EC2 instance.

D.

Create an IAM role with the required permissions. Attach the role to the administrativeIAM user.

Question 171

Which AWS network services or features allow Cl DR block notation when providing an IP address range?

(Select TWO.)

Options:

A.

Security groups

B.

Amazon Machine Image (AMI)

C.

Network access control list (network ACL)

D.

AWS Budgets

E.

Amazon Elastic Block Store (Amazon EBS)

Question 172

A company's IT team is managing MySQL database server clusters. The IT team has to patch the database and take backup snapshots of the data in the clusters. The company wants to move this workload to AWS so that these tasks will be completed automatically.

What should the company do to meet these requirements?

Options:

A.

Deploy MySQL database server clusters on Amazon EC2 instances.

B.

Use Amazon RDS with a MySQL database.

C.

Use an AWS Cloud Form at ion template to deploy MySQL database servers on Amazon EC2 instances.

D.

Migrate all the MySQL database data to Amazon S3.

Question 173

An ecommerce company has migrated its IT infrastructure from an on-premises data center to the AWS Cloud.

Which AWS service is used to track, record, and audit configuration changes made to AWS resources?

Options:

A.

AWS Shield

B.

AWS Config

C.

AWS IAM

D.

Amazon Inspector

Question 174

Which of the following are benefits that a company receives when it moves an on-premises production workload to AWS? (Select TWO.)

Options:

A.

AWS trains the company's staff on the use of all the AWS services.

B.

AWS manages all security in the cloud.

C.

AWS offers free support from technical account managers (TAMs).

D.

AWS offers high availability.

E.

AWS provides economies of scale.

Question 175

What can a user accomplish using AWS CloudTrail?

Options:

A.

Generate an IAM user credentials report.

B.

Record API calls made to AWS services.

C.

Assess the compliance of AWS resource configurations with policies and guidelines.

D.

Ensure that Amazon EC2 instances are patched with the latest security updates.

A company uses Amazon Workspaces.

Question 176

Which AWS solution gives companies the ability to use protocols such as NFS to store and retrieve objects in Amazon S3?

Options:

A.

Amazon FSx for Lustre

B.

AWS Storage Gateway volume gateway

C.

AWS Storage Gateway file gateway

D.

Amazon Elastic File System (Amazon EFS)

Question 177

A company is developing an application that uses multiple AWS services. The application needs to use

temporary, limited-privilege credentials for authentication with other AWS APIs.

Which AWS service or feature should the company use to meet these authentication requirements?

Options:

A.

Amazon API Gateway

B.

IAM users

C.

AWS Security Token Service (AWS STS)

D.

IAM instance profiles

Question 178

Which benefit does Amazon Rekognition provide?

Options:

A.

The ability to place watermarks on images

B.

The ability to detect objects that appear in pictures

C.

The ability to resize millions of images automatically

D.

The ability to bid on object detection jobs

Question 179

A company needs to run its existing custom, nonproduction workloads in the AWS Cloud quickly and cost-effectively.

The workloads can recover from interruptions easily.

Which pricing model should the company use?

Options:

A.

Reserved Instances

B.

On-Demand Instances

C.

Spot Instances

D.

Dedicated Hosts

Question 180

Which AWS service uses a combination of publishers and subscribers?

Options:

A.

AWS Lambda

B.

Amazon Simple Notification Service (Amazon SNS)

C.

Amazon CloudWatch

D.

AWS CloudFormation

Question 181

Which AWS Support plan provides customers with access to an AWS technical account manager (TAM)?

Options:

A.

AWS Basic Support

B.

AWS Developer Support

C.

AWS Business Support

D.

AWS Enterprise Support

Question 182

Which AWS service should a cloud practitioner use to receive real-time guidance for provisioning resources, based on AWS best practices related to security, cost optimization, and service limits?

Options:

A.

AWS Trusted Advisor

B.

AWS Config

C.

AWS Security Hub

D.

AWS Systems Manager

Question 183

Which AWS Well-Architected Framework concept represents a system's ability to remain functional when the system encounters operational problems?

Options:

A.

Consistency

B.

Elasticity

C.

Durability

D.

Latency

Question 184

Which AWS service or tool can be used to consolidate payments for a company with multiple AWS accounts?

Options:

A.

AWS Cost and Usage Report

B.

AWS Organizations

C.

Cost Explorer

D.

AWS Budgets

Question 185

Which of the following is available to a company that has an AWS Business Support plan?

Options:

A.

AWS Support concierge

B.

AWS DDoS Response Team (DRT)

C.

AWS technical account manager (TAM)

D.

AWS Health API

Question 186

A retail company is building a new mobile app. The company is evaluating whether to build the app at an on-premises data center or in the AWS Cloud.

Which of the following are benefits of building this app in the AWS Cloud? (Select TWO.)

Options:

A.

A large upfront capital expense and low variable expenses

B.

Increased speed for trying out new projects

C.

Complete control over the physical security of the infrastructure

D.

Flexibility to scale up in minutes as the application becomes popular

E.

Ability to pick the specific data centers that will host the application servers

Question 187

Which AWS service or tool does AWS Control Tower use to create resources?

Options:

A.

AWS CloudFormation

B.

AWS Trusted Advisor

C.

AWS Directory Service

D.

AWS Cost Explorer

Question 188

A user wants to identify any security group that is allowing unrestricted incoming SSH traffic.

Which AWS service can be used to accomplish this goal?

Options:

A.

Amazon Cognito

B.

AWS Shield

C.

Amazon Macie

D.

AWS Trusted Advisor

Question 189

Which AWS service can a company use to perform complex analytical queries?

Options:

A.

Amazon RDS

B.

Amazon DynamoDB

C.

Amazon Redshift

D.

Amazon ElastiCache

Question 190

A company is reviewing its operating policies.

Which policy complies with guidance in the security pillar of the AWS Well-Architected Framework?

Options:

A.

Ensure that employees have access to all company data.

B.

Expand employees' permissions as they gain more experience.

C.

Grant all privileges and access to all users.

D.

Apply security requirements at all layers of a process.

Question 191

Which of the following is an AWS value proposition that describes a user's ability to scale infrastructure based on demand?

Options:

A.

Speed of innovation

B.

Resource elasticity

C.

Decoupled architecture

D.

Global deployment

Question 192

Which task is a customer's responsibility, according to the AWS shared responsibility model?

Options:

A.

Management of the guest operating systems

B.

Maintenance of the configuration of infrastructure devices

C.

Management of the host operating systems and virtualization

D.

Maintenance of the software that powers Availability Zones

A company has refined its workload to use specific AWS services to improve efficiency and reduce cost.

Question 193

A company is designing an identity access management solution for an application. The company wants users to be able to use their social media, email, or online shopping accounts to access the application.

Which AWS service provides this functionality?

Options:

A.

AWS IAM Identity Center (AWS Single Sign-On)

B.

AWS Config

C.

Amazon Cognito

D.

AWS Identity and Access Management (IAM)

Question 194

Which AWS services and features are provided to all customers at no charge? (Select TWO.)

Options:

A.

Amazon Aurora

B.

VPC

C.

Amazon SageMaker

D.

AWS Identity and Access Management (IAM)

E.

Amazon Polly

Question 195

How can an AWS user conduct security assessments of Amazon EC2 instances, NAT gateways, and Elastic

Load Balancers in a way that is approved by AWS?

Options:

A.

Flood a target with requests.

B.

Use Amazon Inspector.

C.

Perform penetration testing.

D.

Use the AWS Service Health Dashboard.

Question 196

Which AWS service or feature offers HTTP attack protection to users running public-facing web applications?

Options:

A.

Security groups

B.

Network ACLs

C.

AWS Shield Standard

D.

AWS WAF

Question 197

A company wants to host its relational databases on AWS. The databases have predefined schemas that the company needs to replicate on AWS.

Which AWS services could the company use for the databases? (Select TWO.)

Options:

A.

Amazon Aurora

B.

Amazon RDS

C.

Amazon DocumentDB (with MongoDB compatibility)

D.

Amazon Neptune

E.

Amazon DynamoDB

Question 198

What is the total amount of storage offered by Amazon S3?

Options:

A.

WOMB

B.

5 GB

C.

5 TB

D.

Unlimited

Question 199

A large company wants to track the combined AWS usage costs of all of its linked accounts.

How can this be accomplished?

Options:

A.

Use AWS Trusted Advisor to generate customized summary reports.

B.

Use AWS Organizations to generate consolidated billing reports.

C.

Use AWS Budgets to set utilization targets and receive summary reports.

D.

Use the AWS Control Tower dashboard to get a summary report of all linked account costs.

Question 200

A company uses Amazon Aurora as its database service. The company wants to encrypt its databases and database backups.

Which party manages the encryption of the database clusters and database snapshots, according to the AWS shared responsibility

model?

Options:

A.

AWS

B.

The company

C.

AWS Marketplace partners

D.

Third-party partners

Question 201

Using Amazon Elastic Container Service (Amazon ECS) to break down a monolithic architecture into microservices is an example of:

Options:

A.

a loosely coupled architecture.

B.

a tightly coupled architecture.

C.

a stateless architecture.

D.

a stateful architecture.

Question 202

Which AWS service aggregates, organizes, and prioritizes security alerts and findings from multiple AWS services?

Options:

A.

Amazon Detective

B.

Amazon Inspector

C.

Amazon Macie

D.

AWS Security Hub

Question 203

A cloud practitioner is analyzing Amazon EC2 instance performance and usage to provide recommendations for potential cost savings.

Which cloud concept does this analysis demonstrate?

Options:

A.

Auto scaling

B.

Rightsizing

C.

Load balancing

D.

High availability

Question 204

A company is using AWS Lambda functions to build an application.

Which tasks are the company's responsibility, according to the AWS shared responsibility model? (Select TWO.)

Options:

A.

Patch the servers where the Lambda functions are deployed.

B.

Establish the IAM permissions that define who can run the Lambda functions.

C.

Write the code for the Lambda functions to define the application logic.

D.

Deploy Amazon EC2 instances to support the Lambda functions.

E.

Scale out the Lambda functions when the load increases.

Question 205

Which task is the responsibility of a company that is using Amazon RDS?

Options:

A.

Provision the underlying infrastructure.

B.

Create IAM policies to control administrative access to the service.

C.

Install the cables to connect the hardware for compute and storage.

D.

Install and patch the RDS operating system.

Question 206

Which of the following promotes AWS Cloud architectural best practices for designing and operating reliable, secure, efficient, and cost-effective systems?

Options:

A.

AWS Serverless Application Model framework

B.

AWS Business Support

C.

Principle of least privilege

D.

AWS Well-Architected Framework

Question 207

An auditor needs to find out whether a specific AWS service is compliant with specific compliance frameworks.

Which AWS service will provide this information?

Options:

A.

AWS Artifact

B.

AWS Trusted Advisor

C.

Amazon GuardDuty

D.

AWS Certificate Manager (ACM)

Question 208

A company is migrating an application that includes an Oracle database to AWS. The company cannot rewrite the application.

To which AWS service could the company migrate the database?

Options:

A.

Amazon Athena

B.

Amazon DynamoDB

®C. Amazon RDS

C.

Amazon DocumentDB (with MongoDB compatibility)

Question 209

What does the Amazon S3 Intelligent-Tiering storage class offer?

Options:

A.

Payment flexibility by reserving storage capacity

B.

Long-term retention of data by copying the data to an encrypted Amazon Elastic Block Store (Amazon

EBS) volume

C.

Automatic cost savings by moving objects between tiers based on access pattern changes

D.

Secure, durable, and lowest cost storage for data archival

Question 210

Which of the following is a benefit of decoupling an AWS Cloud architecture?

Options:

A.

Reduced latency

B.

Ability to upgrade components independently

C.

Decreased costs

D.

Fewer components to manage

Question 211

A company is running applications on Amazon EC2 instances in the same AWS account for several different projects. The company wants to track the infrastructure costs for each of the projects separately. The company must conduct this tracking with the least possible impact to the existing infrastructure and with no additional cost.

What should the company do to meet these requirements?

Options:

A.

Use a different EC2 instance type for each project.

B.

Publish project-specific custom Amazon CloudWatch metrics for each application.

C.

Deploy EC2 instances for each project in a separate AWS account.

D.

Use cost allocation tags with values that are specific to each project.

Question 212

Which AWS features will meet these requirements? (Select TWO.)

Options:

A.

Security groups

B.

Network ACLs

C.

S3 bucket policies

D.

IAM user policies

E.

S3 bucket versioning

Question 213

Which AWS service or tool provides recommendations to help users get rightsized Amazon EC2 instances based on historical workload usage data?

Options:

A.

AWS Pricing Calculator

B.

AWS Compute Optimizer

C.

AWS App Runner

D.

AWS Systems Manager

Question 214

A security engineer wants a single-tenant AWS solution to create, control, and manage their own cryptographic keys to meet regulatory compliance requirements for data security.

Which AWS service should the engineer use?

Options:

A.

AWS Key Management Service (AWS KMS)

B.

AWS Certificate Manager (ACM)

C.

AWS CloudHSM

D.

AWS Systems Manager

Question 215

Who is responsible for decommissioning end-of-life underlying storage devices that are used to host data on AWS?

Options:

A.

Customer

B.

AWS

C.

Account creator

D.

Auditing team

Question 216

Which AWS service is a highly available and scalable DNS web service?

Options:

A.

Amazon VPC

B.

Amazon CloudFront

C.

Amazon Route 53

D.

Amazon Connect

Question 217

A large company has a workload that requires hardware to remain on premises. The company wants to use the same management and control plane services that it currently uses on AWS.

Which AWS service should the company use to meet these requirements?

Options:

A.

AWS Device Farm

B.

AWS Fargate

C.

AWS Outposts

D.

AWS Ground Station

Question 218

Which option is an advantage of AWS Cloud computing that minimizes variable costs?

Options:

A.

High availability

B.

Economies of scale

C.

Global reach

D.

Agility

Question 219

Which of the following are AWS Cloud design principles? (Select TWO.)

Options:

A.

Pay for compute resources in advance.

B.

Make data-driven decisions to determine cloud architectural design.

C.

Emphasize manual processes to allow for changes.

D.

Test systems at production scale.

E.

Refine operational procedures infrequently.

Question 220

Which AWS service or feature can be used to estimate costs before deployment?

Options:

A.

AWS Free Tier

B.

AWS Pricing Calculator

C.

AWS Billing and Cost Management

D.

AWS Cost and Usage Report

Question 221

A company recently migrated to the AWS Cloud. The company needs to determine whether its newly imported Amazon EC2 instances are the appropriate size and type.

Which AWS services can provide this information to the company? {Select TWO.)

Options:

A.

AWS Auto Scaling

B.

AWS Control Tower

C.

AWS Trusted Advisor

D.

AWS Compute Optimizer

E.

Amazon Forecast

Question 222

A company plans to migrate to AWS and wants to create cost estimates for its AWS use cases.

Which AWS service or tool can the company use to meet these requirements?

Options:

A.

AWS Pricing Calculator

B.

Amazon CloudWatch

C.

AWS Cost Explorer

D.

AWS Budgets

Question 223

Which best practice for cost governance does this example show?

Options:

A.

Resource controls

B.

Cost allocation

C.

Architecture optimization

D.

Tagging enforcement

Question 224

A company has been storing monthly reports in an Amazon S3 bucket. The company exports the report data into comma-separated values (.csv) files. A developer wants to write a simple query that can read all of these files and generate a summary report.

Which AWS service or feature should the developer use to meet these requirements with the LEAST amount of operational overhead?

Options:

A.

Amazon S3 Select

B.

Amazon Athena

C.

Amazon Redshift

D.

Amazon EC2

Question 225

Which AWS service gives users the ability to provision a dedicated and private network connection from their internal

network to AWS?

Options:

A.

AWS CloudHSM

B.

AWS Direct Connect

C.

AWS VPN

D.

Amazon Connect

Question 226

A company needs to configure rules to identify threats and protect applications from malicious network access.

Which AWS service should the company use to meet these requirements?

Options:

A.

AWS Identity and Access Management (IAM)

B.

Amazon QuickSight

C.

AWS WAF

D.

Amazon Detective

Question 227

Which AWS service or tool helps to centrally manage billing and allow controlled access to resources across AWS accounts?

Options:

A.

AWS Identity and Access Management (IAM)

B.

AWS Organizations

C.

AWS Cost Explorer

D.

AWS Budgets

Question 228

A company needs a content delivery network that provides secure delivery of data, videos, applications, and APIs to users globally with low latency and high transfer speeds.

Which AWS service meets these requirements?

Options:

A.

Amazon CloudFront

B.

Elastic Load Balancing

C.

Amazon S3

D.

Amazon Elastic Transcoder

Question 229

Which of the following acts as an instance-level firewall to control inbound and outbound access?

Options:

A.

Network access control list

B.

Security groups

C.

AWS Trusted Advisor

D.

Virtual private gateways

Question 230

Which AWS services or features can control VPC traffic? (Select TWO.)

Options:

A.

Security groups

B.

AWS Direct Connect

C.

Amazon GuardDuty

D.

Network ACLs

E.

Amazon Connect

Question 231

Which of the following is an advantage of AWS Cloud computing?

Options:

A.

Trade security for elasticity.

B.

Trade operational excellence for agility.

C.

Trade fixed expenses for variable expenses.

D.

Trade elasticity for performance.

Question 232

Amazon Elastic File System (Amazon EFS) and Amazon FSx offer which type of storage?

Options:

A.

File storage

B.

Object storage

C.

Block storage

D.

Instance store

Question 233

Who enables encryption of data at rest for Amazon Elastic Block Store (Amazon EBS)?

Options:

A.

AWS Support

B.

AWS customers

C.

AWS Key Management Service (AWS KMS)

D.

AWS Trusted Advisor

Question 234

What are the characteristics of Availability Zones? (Select TWO.)

Options:

A.

All Availability Zones in an AWS Region are interconnected with high-bandwidth, low-latency networking

B.

Availability Zones are physically separated by a minimum of distance of 150 km (100 miles).

C.

All traffic between Availability Zones is encrypted.

D.

Availability Zones within an AWS Region share redundant power, networking, and connectivity.

E.

Every Availability Zone contains a single data center.

Question 235

Which AWS service will help protect applications running on AWS from DDoS attacks?

Options:

A.

Amazon GuardDuty

B.

AWS WAF

C.

AWS Shield

D.

Amazon Inspector

Exam Detail
Exam Code: CLF-C02
Last Update: Nov 21, 2024
CLF-C02 Question Answers
Page: 1 / 59
Total 785 questions