Practice Free CLF-C02 Exam Online Questions
Question #161
Which AWS services can a company use to achieve a loosely coupled architecture? (Select TWO.)
- A . Amazon Workspaces
- B . Amazon Simple Queue Service (Amazon SQS)
- C . Amazon Connect
- D . AWS Trusted Advisor
- E . AWS Step Functions
Correct Answer: BE
BE
Explanation:
Amazon Simple Queue Service (Amazon SQS) and AWS Step Functions are AWS services that can be used to achieve a loosely coupled architecture. Amazon SQS is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. AWS Step Functions lets you coordinate multiple AWS services into serverless workflows so you can build and update apps quickly. Using Step Functions, you can design and run workflows that stitch together services such as AWS Lambda and Amazon SNS into feature-rich applications.
Reference: Amazon SQS, AWS Step Functions
BE
Explanation:
Amazon Simple Queue Service (Amazon SQS) and AWS Step Functions are AWS services that can be used to achieve a loosely coupled architecture. Amazon SQS is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. AWS Step Functions lets you coordinate multiple AWS services into serverless workflows so you can build and update apps quickly. Using Step Functions, you can design and run workflows that stitch together services such as AWS Lambda and Amazon SNS into feature-rich applications.
Reference: Amazon SQS, AWS Step Functions
Question #162
Which VPC component provides a layer of security at the subnet level?
- A . Security groups
- B . Network ACLs
- C . NAT gateways
- D . Route tables
Correct Answer: B
B
Explanation:
Network ACLs are a feature that provide a layer of security at the subnet level by acting as a firewall to control traffic in and out of one or more subnets. Network ACLs can be configured with rules that allow or deny traffic based on the source and destination IP addresses, ports, and protocols5.
Security groups are a feature that provide a layer of security at the instance level by acting as a firewall to control traffic to and from one or more instances. Security groups can be configured with rules that allow or deny traffic based on the source and destination IP addresses, ports, protocols, and security groups. NAT gateways are a feature that enable instances in a private subnet to connect to the internet or other AWS services, but prevent the internet from initiating a connection with those instances. Route tables are a feature that determine where network traffic from a subnet or gateway is directed.
B
Explanation:
Network ACLs are a feature that provide a layer of security at the subnet level by acting as a firewall to control traffic in and out of one or more subnets. Network ACLs can be configured with rules that allow or deny traffic based on the source and destination IP addresses, ports, and protocols5.
Security groups are a feature that provide a layer of security at the instance level by acting as a firewall to control traffic to and from one or more instances. Security groups can be configured with rules that allow or deny traffic based on the source and destination IP addresses, ports, protocols, and security groups. NAT gateways are a feature that enable instances in a private subnet to connect to the internet or other AWS services, but prevent the internet from initiating a connection with those instances. Route tables are a feature that determine where network traffic from a subnet or gateway is directed.
Question #163
Which AWS service is a highly available and scalable DNS web service?
- A . Amazon VPC
- B . Amazon CloudFront
- C . Amazon Route 53
- D . Amazon Connect
Correct Answer: C
C
Explanation:
Amazon Route 53 is a highly available and scalable DNS web service. It is designed to give developers and businesses an extremely reliable and cost-effective way to route end users to Internet applications by translating domain names into the numeric IP addresses that computers use to connect to each other2. Amazon Route 53 also offers other features such as health checks, traffic management, domain name registration, and DNSSEC3.
C
Explanation:
Amazon Route 53 is a highly available and scalable DNS web service. It is designed to give developers and businesses an extremely reliable and cost-effective way to route end users to Internet applications by translating domain names into the numeric IP addresses that computers use to connect to each other2. Amazon Route 53 also offers other features such as health checks, traffic management, domain name registration, and DNSSEC3.
Question #164
Which AWS service provides storage that can be mounted across multiple Amazon EC2 instances?
- A . Amazon Workspaces
- B . Amazon Elastic File System (Amazon EFS)
- C . AWS Database Migration Service (AWS DMS)
- D . AWS Snowball Edge
Correct Answer: B
B
Explanation:
Amazon EFS is a fully managed service that provides scalable and elastic file storage for multiple Amazon EC2 instances. Amazon EFS supports the Network File System (NFS) protocol, which allows multiple EC2 instances to access the same file system concurrently. You can learn more about Amazon EFS from this webpage or this digital course.
B
Explanation:
Amazon EFS is a fully managed service that provides scalable and elastic file storage for multiple Amazon EC2 instances. Amazon EFS supports the Network File System (NFS) protocol, which allows multiple EC2 instances to access the same file system concurrently. You can learn more about Amazon EFS from this webpage or this digital course.
Question #165
Which AWS service or tool gives users the ability to connect with AWS and deploy resources programmatically?
- A . Amazon quickSight
- B . AWS PrivateLink
- C . AWS Direct Connect
- D . AWS SDKs
Correct Answer: D
D
Explanation:
AWS SDKs are a set of tools that allow users to connect with AWS and deploy resources programmatically. AWS SDKs provide libraries, code samples, documentation, and other resources to help users write code that interacts with AWS APIs. AWS SDKs support various programming languages, such as Java, Python, Ruby, .NET, Node.js, Go, and more. AWS SDKs make it easier for users to access AWS services, such as Amazon S3, Amazon EC2, Amazon DynamoDB, AWS Lambda, and more, from their applications. AWS SDKs also handle tasks such as authentication, error handling, retries, and data serialization, so users can focus on their application logic.
The other options are not AWS services or tools that give users the ability to connect with AWS and deploy resources programmatically. Amazon QuickSight is a business intelligence service that lets users create and share interactive dashboards and visualizations1. AWS PrivateLink is a service that enables users to securely access services hosted on AWS in a scalable and cost-effective manner2. AWS Direct Connect is a service that establishes a dedicated network connection between
a user’s premises and AWS3.
D
Explanation:
AWS SDKs are a set of tools that allow users to connect with AWS and deploy resources programmatically. AWS SDKs provide libraries, code samples, documentation, and other resources to help users write code that interacts with AWS APIs. AWS SDKs support various programming languages, such as Java, Python, Ruby, .NET, Node.js, Go, and more. AWS SDKs make it easier for users to access AWS services, such as Amazon S3, Amazon EC2, Amazon DynamoDB, AWS Lambda, and more, from their applications. AWS SDKs also handle tasks such as authentication, error handling, retries, and data serialization, so users can focus on their application logic.
The other options are not AWS services or tools that give users the ability to connect with AWS and deploy resources programmatically. Amazon QuickSight is a business intelligence service that lets users create and share interactive dashboards and visualizations1. AWS PrivateLink is a service that enables users to securely access services hosted on AWS in a scalable and cost-effective manner2. AWS Direct Connect is a service that establishes a dedicated network connection between
a user’s premises and AWS3.
Question #166
A company wants to integrate its online shopping website with social media login credentials.
Which AWS service can the company use to make this integration?
- A . AWS Directory Service
- B . AWS Identity and Access Management (IAM)
- C . Amazon Cognito
- D . AWS IAM Identity Center (AWS Single Sign-On)
Correct Answer: C
C
Explanation:
Amazon Cognito is a service that enables you to add user sign-up and sign-in features to your web and mobile applications. Amazon Cognito also supports social and enterprise identity federation, which means you can allow your users to sign in with their existing credentials from identity providers such as Google, Facebook, Apple, and Amazon. Amazon Cognito integrates with OpenID Connect (OIDC) and Security Assertion Markup Language (SAML) 2.0 protocols to facilitate the authentication and authorization process. Amazon Cognito also provides advanced security features, such as adaptive authentication, user verification, and multi-factor authentication (MFA).
Reference: Amazon Cognito, What is Amazon Cognito?
C
Explanation:
Amazon Cognito is a service that enables you to add user sign-up and sign-in features to your web and mobile applications. Amazon Cognito also supports social and enterprise identity federation, which means you can allow your users to sign in with their existing credentials from identity providers such as Google, Facebook, Apple, and Amazon. Amazon Cognito integrates with OpenID Connect (OIDC) and Security Assertion Markup Language (SAML) 2.0 protocols to facilitate the authentication and authorization process. Amazon Cognito also provides advanced security features, such as adaptive authentication, user verification, and multi-factor authentication (MFA).
Reference: Amazon Cognito, What is Amazon Cognito?
Question #167
Which AWS service or feature is used to send both text and email messages from distributed applications?
- A . Amazon Simple Notification Service (Amazon SNS)
- B . Amazon Simple Email Service (Amazon SES)
- C . Amazon CloudWatch alerts
- D . Amazon Simple Queue Service (Amazon SQS)
Correct Answer: A
A
Explanation:
Amazon Simple Notification Service (Amazon SNS) is the AWS service or feature that is used to send both text and email messages from distributed applications. Amazon SNS is a fully managed pub/sub messaging service that enables the user to send messages to multiple subscribers or endpoints, such as email addresses, phone numbers, HTTP endpoints, AWS Lambda functions, and more. Amazon SNS can be used to send notifications, alerts, confirmations, and reminders from applications to users or other applications4.
A
Explanation:
Amazon Simple Notification Service (Amazon SNS) is the AWS service or feature that is used to send both text and email messages from distributed applications. Amazon SNS is a fully managed pub/sub messaging service that enables the user to send messages to multiple subscribers or endpoints, such as email addresses, phone numbers, HTTP endpoints, AWS Lambda functions, and more. Amazon SNS can be used to send notifications, alerts, confirmations, and reminders from applications to users or other applications4.
Question #168
Which AWS service or feature improves network performance by sending traffic through the AWS worldwide network infrastructure?
- A . Route table
- B . AWS Transit Gateway
- C . AWS Global Accelerator
- D . Amazon VPC
Correct Answer: C
C
Explanation:
AWS Global Accelerator is a service that improves network performance by sending traffic through the AWS worldwide network infrastructure. It uses the AWS global network to direct TCP or UDP traffic to a healthy application endpoint in the closest AWS Region to the client. This provides improvements in terms of latency, throughput, and jitter. Global Accelerator also introduces features such as TCP termination at the edge, jumbo frame support, and large receive side window and TCP buffers to optimize data transfer12. Route table, AWS Transit Gateway, and Amazon VPC are not services or features that improve network performance by sending traffic through the AWS worldwide network infrastructure. Route table is a resource that defines how traffic is routed within a VPC3. AWS Transit Gateway is a service that enables you to connect your VPCs and on-premises networks to a single gateway4. Amazon VPC is a service that lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define5.
Reference: Achieve up to 60% better performance for internet traffic with AWS Global Accelerator, Improving Performance on AWS and Hybrid Networks, Route tables, AWS Transit
Gateway, Amazon Virtual Private Cloud (VPC)
C
Explanation:
AWS Global Accelerator is a service that improves network performance by sending traffic through the AWS worldwide network infrastructure. It uses the AWS global network to direct TCP or UDP traffic to a healthy application endpoint in the closest AWS Region to the client. This provides improvements in terms of latency, throughput, and jitter. Global Accelerator also introduces features such as TCP termination at the edge, jumbo frame support, and large receive side window and TCP buffers to optimize data transfer12. Route table, AWS Transit Gateway, and Amazon VPC are not services or features that improve network performance by sending traffic through the AWS worldwide network infrastructure. Route table is a resource that defines how traffic is routed within a VPC3. AWS Transit Gateway is a service that enables you to connect your VPCs and on-premises networks to a single gateway4. Amazon VPC is a service that lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define5.
Reference: Achieve up to 60% better performance for internet traffic with AWS Global Accelerator, Improving Performance on AWS and Hybrid Networks, Route tables, AWS Transit
Gateway, Amazon Virtual Private Cloud (VPC)
Question #169
Which option is a perspective that includes foundational capabilities of the AWS Cloud Adoption Framework (AWS CAF)?
- A . Sustainability
- B . Security
- C . Performance efficiency
- D . Reliability
Correct Answer: B
B
Explanation:
The AWS Cloud Adoption Framework (AWS CAF) helps organizations understand how cloud adoption transforms the way they work, and it provides structure to identify and address gaps in skills and processes. The AWS CAF organizes guidance into six areas of focus, called perspectives. Each perspective reflects a different stakeholder viewpoint with its own distinct responsibilities, skills, and attributes. The Security Perspective helps you structure the selection and implementation of security controls that meet your organization’s needs2.
B
Explanation:
The AWS Cloud Adoption Framework (AWS CAF) helps organizations understand how cloud adoption transforms the way they work, and it provides structure to identify and address gaps in skills and processes. The AWS CAF organizes guidance into six areas of focus, called perspectives. Each perspective reflects a different stakeholder viewpoint with its own distinct responsibilities, skills, and attributes. The Security Perspective helps you structure the selection and implementation of security controls that meet your organization’s needs2.
Question #170
Which actions are examples of a company’s effort to right size its AWS resources to control cloud costs? (Select TWO.)
- A . Switch from Amazon RDS to Amazon DynamoDB to accommodate NoSQL datasets.
- B . Base the selection of Amazon EC2 instance types on past utilization patterns.
- C . Use Amazon S3 Lifecycle policies to move objects that users access infrequently to lower-cost storage tiers.
- D . Use Multi-AZ deployments for Amazon RDS.
- E . Replace existing Amazon EC2 instances with AWS Elastic Beanstalk.
Correct Answer: B, C
B, C
Explanation:
Basing the selection of Amazon EC2 instance types on past utilization patterns is a way to right size the AWS resources and optimize the performance and cost. Using Amazon S3 Lifecycle policies to move objects that users access infrequently to lower-cost storage tiers is another way to reduce the storage costs and align them with the business value of the data. These two actions are recommended by the AWS Cost Optimization Pillar1. Switching from Amazon RDS to Amazon DynamoDB is not necessarily a cost-saving action, as it depends on the use case and the data model. Using Multi-AZ deployments for Amazon RDS is a way to improve the availability and durability of the database, but it also increases the cost. Replacing existing Amazon EC2 instances with AWS Elastic Beanstalk is a way to simplify the deployment and management of the application, but it does not affect the cost of the underlying EC2 instances.
B, C
Explanation:
Basing the selection of Amazon EC2 instance types on past utilization patterns is a way to right size the AWS resources and optimize the performance and cost. Using Amazon S3 Lifecycle policies to move objects that users access infrequently to lower-cost storage tiers is another way to reduce the storage costs and align them with the business value of the data. These two actions are recommended by the AWS Cost Optimization Pillar1. Switching from Amazon RDS to Amazon DynamoDB is not necessarily a cost-saving action, as it depends on the use case and the data model. Using Multi-AZ deployments for Amazon RDS is a way to improve the availability and durability of the database, but it also increases the cost. Replacing existing Amazon EC2 instances with AWS Elastic Beanstalk is a way to simplify the deployment and management of the application, but it does not affect the cost of the underlying EC2 instances.