Practice Free CLF-C02 Exam Online Questions
Question #121
Which AWS service or feature allows users to securely store encrypted credentials and retrieve these credentials when required?
- A . AWS Encryption SDK
- B . AWS Security Hub
- C . AWS Secrets Manager
- D . AWS Artifact
Correct Answer: C
C
Explanation:
AWS Secrets Manager is a service designed to securely store and manage access to sensitive information such as API keys, passwords, and database credentials. It allows automatic rotation, secure storage, and fine-grained access control for these credentials, ensuring they are securely managed. The other options do not provide encrypted storage for credentials specifically.
C
Explanation:
AWS Secrets Manager is a service designed to securely store and manage access to sensitive information such as API keys, passwords, and database credentials. It allows automatic rotation, secure storage, and fine-grained access control for these credentials, ensuring they are securely managed. The other options do not provide encrypted storage for credentials specifically.
Question #122
A company has an online shopping website and wants to store customers’ credit card dat a. The company must meet Payment Card Industry (PCI) standards.
Which service can the company use to access AWS compliance documentation?
- A . Amazon Cloud Directory
- B . AWS Artifact
- C . AWS Trusted Advisor
- D . Amazon Inspector
Correct Answer: B
B
Explanation:
The correct answer is B because AWS Artifact is a service that provides access to AWS compliance documentation, such as audit reports, security certifications, and agreements. AWS Artifact allows customers to download, review, and accept the documents that are relevant to their use of AWS services. The other options are incorrect because they are not services that provide access to AWS compliance documentation. Amazon Cloud Directory is a service that enables customers to create flexible cloud-native directories for organizing hierarchies of data. AWS Trusted Advisor is a service that provides real-time guidance to help customers follow AWS best practices for security, performance, cost optimization, and fault tolerance. Amazon Inspector is a service that helps customers find security vulnerabilities and deviations from best practices in their Amazon EC2 instances.
Reference: [AWS Artifact FAQs]
B
Explanation:
The correct answer is B because AWS Artifact is a service that provides access to AWS compliance documentation, such as audit reports, security certifications, and agreements. AWS Artifact allows customers to download, review, and accept the documents that are relevant to their use of AWS services. The other options are incorrect because they are not services that provide access to AWS compliance documentation. Amazon Cloud Directory is a service that enables customers to create flexible cloud-native directories for organizing hierarchies of data. AWS Trusted Advisor is a service that provides real-time guidance to help customers follow AWS best practices for security, performance, cost optimization, and fault tolerance. Amazon Inspector is a service that helps customers find security vulnerabilities and deviations from best practices in their Amazon EC2 instances.
Reference: [AWS Artifact FAQs]
Question #123
A company needs to deploy applications in the AWS Cloud as quickly as possible. The company also needs to minimize the complexity that is related to the management of AWS resources.
Which AWS service should the company use to meet these requirements?
- A . AWS config
- B . AWS Elastic Beanstalk
- C . Amazon EC2
- D . Amazon Personalize
Correct Answer: B
B
Explanation:
AWS Elastic Beanstalk is the AWS service that allows customers to deploy applications in the AWS Cloud as quickly as possible. AWS Elastic Beanstalk automatically handles the deployment, from capacity provisioning, load balancing, and auto-scaling to application health monitoring. Customers can upload their code and Elastic Beanstalk will take care of the rest1. AWS Elastic Beanstalk also minimizes the complexity that is related to the management of AWS resources. Customers can retain full control of the underlying AWS resources powering their applications and adjust the settings to suittheir needs1. Customers can also use the AWS Management Console, the AWS Command Line Interface (AWS CLI), or APIs to manage their applications1.
AWS Config is the AWS service that enables customers to assess, audit, and evaluate the configurations of their AWS resources. AWS Config continuously monitors and records the configuration changes of the resources and evaluates them against desired configurations or best practices2. AWS Config does not help customers deploy applications in the AWS Cloud as quickly as possible or minimize the complexity that is related to the management of AWS resources.
Amazon EC2 is the AWS service that provides secure, resizable compute capacity in the cloud. Customers can launch virtual servers called instances and choose from various configurations of CPU, memory, storage, and networking resources3. Amazon EC2 does not automatically handle the deployment or management of AWS resources for customers. Customers have to manually provision, configure, monitor, and scale their instances and other related resources.
Amazon Personalize is the AWS service that enables customers to create personalized recommendations for their users based on their behavior and preferences. Amazon Personalize uses machine learning to analyze data and deliver real-time recommendations4. Amazon Personalize does not help customers deploy applications in the AWS Cloud as quickly as possible or minimize the complexity that is related to the management of AWS resources.
B
Explanation:
AWS Elastic Beanstalk is the AWS service that allows customers to deploy applications in the AWS Cloud as quickly as possible. AWS Elastic Beanstalk automatically handles the deployment, from capacity provisioning, load balancing, and auto-scaling to application health monitoring. Customers can upload their code and Elastic Beanstalk will take care of the rest1. AWS Elastic Beanstalk also minimizes the complexity that is related to the management of AWS resources. Customers can retain full control of the underlying AWS resources powering their applications and adjust the settings to suittheir needs1. Customers can also use the AWS Management Console, the AWS Command Line Interface (AWS CLI), or APIs to manage their applications1.
AWS Config is the AWS service that enables customers to assess, audit, and evaluate the configurations of their AWS resources. AWS Config continuously monitors and records the configuration changes of the resources and evaluates them against desired configurations or best practices2. AWS Config does not help customers deploy applications in the AWS Cloud as quickly as possible or minimize the complexity that is related to the management of AWS resources.
Amazon EC2 is the AWS service that provides secure, resizable compute capacity in the cloud. Customers can launch virtual servers called instances and choose from various configurations of CPU, memory, storage, and networking resources3. Amazon EC2 does not automatically handle the deployment or management of AWS resources for customers. Customers have to manually provision, configure, monitor, and scale their instances and other related resources.
Amazon Personalize is the AWS service that enables customers to create personalized recommendations for their users based on their behavior and preferences. Amazon Personalize uses machine learning to analyze data and deliver real-time recommendations4. Amazon Personalize does not help customers deploy applications in the AWS Cloud as quickly as possible or minimize the complexity that is related to the management of AWS resources.
Question #124
A company wants to create a set of custom dashboards to collect metrics to monitor its applications.
Which AWS service will meet these requirements?
- A . Amazon CloudWatch
- B . AWS X-Ray
- C . AWS Systems Manager
- D . AWS CloudTrail
Correct Answer: A
A
Explanation:
Amazon CloudWatch is a service that provides monitoring and observability for AWS resources and applications. Users can create custom dashboards to collect and visualize metrics, logs, alarms, and events from different sources5. AWS X-Ray is a service that provides distributed tracing and analysis for applications. AWS Systems Manager is a service that provides operational management for AWS resources and applications. AWS CloudTrail is a service that provides governance, compliance, and auditing for AWS account activity.
A
Explanation:
Amazon CloudWatch is a service that provides monitoring and observability for AWS resources and applications. Users can create custom dashboards to collect and visualize metrics, logs, alarms, and events from different sources5. AWS X-Ray is a service that provides distributed tracing and analysis for applications. AWS Systems Manager is a service that provides operational management for AWS resources and applications. AWS CloudTrail is a service that provides governance, compliance, and auditing for AWS account activity.
Question #125
A company has migrated its workloads to AWS. The company wants to adopt AWS at scale and operate more efficiently and securely.
Which AWS service or framework should the company use for operational support?
- A . AWS Support
- B . AWS Cloud Adoption Framework (AWS CAF)
- C . AWS Managed Services (AMS)
- D . AWS Well-Architected Framework
Correct Answer: D
D
Explanation:
The AWS Well-Architected Framework is a set of best practices and guidelines for designing and operating workloads on AWS. It helps customers achieve operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability. The framework is based on six pillars, each with its own design principles, best practices, and questions. Customers can use the framework to assess their current state, identify gaps, and implement improvements12.
AWS Support is a service that provides technical assistance, guidance, and resources for AWS customers. It offers different plans with varying levels of access to AWS experts, response times, and features3. AWS Support does not provide a comprehensive framework for operational support. AWS Cloud Adoption Framework (AWS CAF) is a guidance tool that helps customers plan and execute their cloud migration journey. It provides a set of perspectives, capabilities, and best practices to align the business and technical aspects of cloud adoption4. AWS CAF does not focus on operational support for existing workloads on AWS.
AWS Managed Services (AMS) is a service that operates AWS infrastructure on behalf of customers. It provides a secure and compliant environment, automates commonactivities, and applies best practices for provisioning, patching, backup, recovery, and monitoring5. AMS does not provide a framework for customers to operate their own workloads on AWS.
D
Explanation:
The AWS Well-Architected Framework is a set of best practices and guidelines for designing and operating workloads on AWS. It helps customers achieve operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability. The framework is based on six pillars, each with its own design principles, best practices, and questions. Customers can use the framework to assess their current state, identify gaps, and implement improvements12.
AWS Support is a service that provides technical assistance, guidance, and resources for AWS customers. It offers different plans with varying levels of access to AWS experts, response times, and features3. AWS Support does not provide a comprehensive framework for operational support. AWS Cloud Adoption Framework (AWS CAF) is a guidance tool that helps customers plan and execute their cloud migration journey. It provides a set of perspectives, capabilities, and best practices to align the business and technical aspects of cloud adoption4. AWS CAF does not focus on operational support for existing workloads on AWS.
AWS Managed Services (AMS) is a service that operates AWS infrastructure on behalf of customers. It provides a secure and compliant environment, automates commonactivities, and applies best practices for provisioning, patching, backup, recovery, and monitoring5. AMS does not provide a framework for customers to operate their own workloads on AWS.
Question #126
Which AWS service or tool can be used to consolidate payments for a company with multiple AWS accounts?
- A . AWS Cost and Usage Report
- B . AWS Organizations
- C . Cost Explorer
- D . AWS Budgets
Correct Answer: B
B
Explanation:
AWS Organizations is an account management service that enables you to consolidate multiple AWS accounts into an organization that you create and centrally manage. AWS Organizationsincludes consolidated billing and account management capabilities that enable you to better meet the budgetary, security, and compliance needs of your business1.
B
Explanation:
AWS Organizations is an account management service that enables you to consolidate multiple AWS accounts into an organization that you create and centrally manage. AWS Organizationsincludes consolidated billing and account management capabilities that enable you to better meet the budgetary, security, and compliance needs of your business1.
Question #127
A company wants to use an AWS networking solution to connect multiple VPCs.
Which AWS service will meet this requirement?
- A . AWS Config
- B . AWS Direct Connect
- C . Amazon GuardDuty
- D . AWS Transit Gateway
Correct Answer: D
Question #128
A company is moving its on-premises IT services to the AWS Cloud. The company wants to set spending limits and to receive notifications if the limits are exceeded.
Which AWS service or resource will meet these requirements?
- A . AWS Budgets
- B . AWS Cost and Usage Reports
- C . AWS Cost Explorer
- D . AWS Organizations consolidated billing
Correct Answer: A
Question #129
Which of the following is an advantage of AWS Cloud computing?
- A . Trade security for elasticity.
- B . Trade operational excellence for agility.
- C . Trade fixed expenses for variable expenses.
- D . Trade elasticity for performance.
Correct Answer: C
C
Explanation:
The correct answer is C because AWS Cloud computing allows customers to trade fixed expenses for variable expenses. This means that customers only pay for the resources they use, and can scale up or down as needed. The other options are incorrect because they are not advantages of AWS Cloud computing. Trade security for elasticity means that customers have to compromise on the protection of their data and applications in order to adjust their capacity quickly. Trade operational excellence for agility means that customers have to sacrifice the quality and reliability of their operations in order to respond to changing needs faster. Trade elasticity for performance means that customers have to limit their ability to scale up or down in order to achieve higher speed and efficiency.
Reference: What is Cloud Computing?
C
Explanation:
The correct answer is C because AWS Cloud computing allows customers to trade fixed expenses for variable expenses. This means that customers only pay for the resources they use, and can scale up or down as needed. The other options are incorrect because they are not advantages of AWS Cloud computing. Trade security for elasticity means that customers have to compromise on the protection of their data and applications in order to adjust their capacity quickly. Trade operational excellence for agility means that customers have to sacrifice the quality and reliability of their operations in order to respond to changing needs faster. Trade elasticity for performance means that customers have to limit their ability to scale up or down in order to achieve higher speed and efficiency.
Reference: What is Cloud Computing?
Question #130
A company wants to launch multiple workloads on AWS. Each workload is related to a different business unit. The company wants to separate and track costs for each business unit.
Which solution will meet these requirements with the LEAST operational overhead?
- A . Use AWS Organizations and create one account for each business unit.
- B . Use a spreadsheet to control the owners and cost of each resource.
- C . Use an Amazon DynamoDB table to record costs for each business unit.
- D . Use the AWS Billing console to assign owners to resources and track costs.
Correct Answer: A
A
Explanation:
AWS Organizations is a service that helps you centrally manage and govern your AWS environment. You can use AWS Organizations to create multiple accounts for different business units, and group them into organizational units (OUs) that reflect your organizational structure1. By doing so, you can separate and track costs for each business unit using the account ID as a cost allocation tag2. You can also use AWSOrganizations to apply policies and controls to your accounts, such as service control policies (SCPs) and tag policies1.
The other options are not suitable for meeting the requirements with the least operational overhead. Using a spreadsheet or a DynamoDB table to control and record costs for each business unit would require manual data entry and maintenance, which is prone to errors and inconsistencies. Using the AWS Billing console to assign owners to resources and track costs would also require manual tagging of each resource, which is time-consuming and inefficient.
1: What Is AWS Organizations? – AWS Organizations
2: Cost Tagging and Reporting with AWS Organizations | AWS Cloud Financial Management
A
Explanation:
AWS Organizations is a service that helps you centrally manage and govern your AWS environment. You can use AWS Organizations to create multiple accounts for different business units, and group them into organizational units (OUs) that reflect your organizational structure1. By doing so, you can separate and track costs for each business unit using the account ID as a cost allocation tag2. You can also use AWSOrganizations to apply policies and controls to your accounts, such as service control policies (SCPs) and tag policies1.
The other options are not suitable for meeting the requirements with the least operational overhead. Using a spreadsheet or a DynamoDB table to control and record costs for each business unit would require manual data entry and maintenance, which is prone to errors and inconsistencies. Using the AWS Billing console to assign owners to resources and track costs would also require manual tagging of each resource, which is time-consuming and inefficient.
1: What Is AWS Organizations? – AWS Organizations
2: Cost Tagging and Reporting with AWS Organizations | AWS Cloud Financial Management