Practice Free CLF-C02 Exam Online Questions
Question #161
Where can users find examples of AWS Cloud solution designs?
- A . AWS Marketplace
- B . AWS Service Catalog
- C . AWS Architecture Center
- D . AWS Trusted Advisor
Correct Answer: C
C
Explanation:
The AWS Architecture Center provides examples, best practices, and architectural blueprints for various AWS Cloud solutions. It includes whitepapers, reference architectures, and detailed diagrams to help users design secure, scalable, and reliable applications on AWS. Other services like AWS Marketplace, Service Catalog, and Trusted Advisor do not offer solution design examples.
C
Explanation:
The AWS Architecture Center provides examples, best practices, and architectural blueprints for various AWS Cloud solutions. It includes whitepapers, reference architectures, and detailed diagrams to help users design secure, scalable, and reliable applications on AWS. Other services like AWS Marketplace, Service Catalog, and Trusted Advisor do not offer solution design examples.
Question #162
A company is reviewing the design of an application that will be migrated from on premises to a single Amazon EC2 instance.
What should the company do to make the application highly available?
- A . Provision additional EC2 instances in other Availability Zones.
- B . Configure an Application Load Balancer (ALB). Assign the EC2 instance as the ALB’s target.
- C . Use an Amazon Machine Image (AMI) to create the EC2 instance.
- D . Provision the application by using an EC2 Spot Instance.
Correct Answer: A
A
Explanation:
Provisioning additional EC2 instances in other Availability Zones is a way to make the application highly available, as it reduces the impact of failures and increases fault tolerance. Configuring an Application Load Balancer and assigning the EC2 instance as the ALB’s target is a way to distribute traffic among multiple instances, but it does not make the application highly available if there is only one instance. Using an Amazon Machine Image to create the EC2 instance is a way to launch a virtual server with a preconfigured operating system and software, but it does not make the application highly available by itself. Provisioning the application by using an EC2 Spot Instance is a way to use spare EC2 capacity at up to 90% off the On-Demand price, but it does not make the application highly available, as Spot Instances can be interrupted by EC2 with a two-minute notification.
A
Explanation:
Provisioning additional EC2 instances in other Availability Zones is a way to make the application highly available, as it reduces the impact of failures and increases fault tolerance. Configuring an Application Load Balancer and assigning the EC2 instance as the ALB’s target is a way to distribute traffic among multiple instances, but it does not make the application highly available if there is only one instance. Using an Amazon Machine Image to create the EC2 instance is a way to launch a virtual server with a preconfigured operating system and software, but it does not make the application highly available by itself. Provisioning the application by using an EC2 Spot Instance is a way to use spare EC2 capacity at up to 90% off the On-Demand price, but it does not make the application highly available, as Spot Instances can be interrupted by EC2 with a two-minute notification.
Question #163
A company is learning about its responsibilities that are related to the management of Amazon EC2 instances.
Which tasks for EC2 instances are the company’s responsibility, according to the AWS shared responsibility model? (Select TWO.)
- A . Install and patch the machine hypervisor.
- B . Patch the guest operating system.
- C . Encrypt data at rest on associated storage.
- D . Install the physical hardware and cabling.
- E . Provide physical security for the EC2 instances.
Correct Answer: B,C
B,C
Explanation:
Under the AWS Shared Responsibility Model, AWS manages the security of the cloud, while customers manage security in the cloud. For EC2 instances, it is the customer’s responsibility to manage the guest operating system, including patching and encrypting data stored on attached storage volumes. AWS is responsible for the underlying infrastructure, including physical security and hypervisor maintenance.
B,C
Explanation:
Under the AWS Shared Responsibility Model, AWS manages the security of the cloud, while customers manage security in the cloud. For EC2 instances, it is the customer’s responsibility to manage the guest operating system, including patching and encrypting data stored on attached storage volumes. AWS is responsible for the underlying infrastructure, including physical security and hypervisor maintenance.
Question #164
Which AWS service or feature allows users to securely store encrypted credentials and retrieve these credentials when required?
- A . AWS Encryption SDK
- B . AWS Security Hub
- C . AWS Secrets Manager
- D . AWS Artifact
Correct Answer: C
C
Explanation:
AWS Secrets Manager is a service designed to securely store and manage access to sensitive information such as API keys, passwords, and database credentials. It allows automatic rotation, secure storage, and fine-grained access control for these credentials, ensuring they are securely managed. The other options do not provide encrypted storage for credentials specifically.
C
Explanation:
AWS Secrets Manager is a service designed to securely store and manage access to sensitive information such as API keys, passwords, and database credentials. It allows automatic rotation, secure storage, and fine-grained access control for these credentials, ensuring they are securely managed. The other options do not provide encrypted storage for credentials specifically.
Question #165
A company is moving some of its on-premises IT services to the AWS Cloud. The finance department wants to see the entire bill so it can forecast spending limits.
Which AWS service can the company use to set spending limits and receive notifications if those limits are exceeded?
- A . AWS Cost and Usage Reports
- B . AWS Budgets
- C . AWS Organizations consolidated billing
- D . Cost Explorer
Correct Answer: B
B
Explanation:
AWS Budgets allows organizations to set custom cost and usage budgets and receive notifications when they exceed predefined thresholds. This feature helps the finance department monitor spending and manage budget forecasts effectively. AWS Cost and Usage Reports and Cost Explorer provide detailed billing data but do not include budget notifications. Consolidated billing in AWS Organizations is useful for aggregating billing across accounts but does not provide budget alerts.
B
Explanation:
AWS Budgets allows organizations to set custom cost and usage budgets and receive notifications when they exceed predefined thresholds. This feature helps the finance department monitor spending and manage budget forecasts effectively. AWS Cost and Usage Reports and Cost Explorer provide detailed billing data but do not include budget notifications. Consolidated billing in AWS Organizations is useful for aggregating billing across accounts but does not provide budget alerts.
Question #166
A cloud practitioner is analyzing Amazon EC2 instance performance and usage to provide recommendations for potential cost savings.
Which cloud concept does this analysis demonstrate?
- A . Auto scaling
- B . Rightsizing
- C . Load balancing
- D . High availability
Correct Answer: B
B
Explanation:
Rightsizing is the cloud concept that this analysis demonstrates. Rightsizing is the process of optimizing the performance and cost of your AWS resources by selecting the most appropriate type, size, and configuration based on your workload requirements and usage patterns. Rightsizing can help you achieve potential cost savings by reducing the over-provisioning or under-utilization of your resources. You can use various AWS tools and services, such as AWS Cost Explorer, AWS Compute Optimizer, and AWS Trusted Advisor, to analyze your resource utilization and performance metrics, and receive recommendations for rightsizing.
B
Explanation:
Rightsizing is the cloud concept that this analysis demonstrates. Rightsizing is the process of optimizing the performance and cost of your AWS resources by selecting the most appropriate type, size, and configuration based on your workload requirements and usage patterns. Rightsizing can help you achieve potential cost savings by reducing the over-provisioning or under-utilization of your resources. You can use various AWS tools and services, such as AWS Cost Explorer, AWS Compute Optimizer, and AWS Trusted Advisor, to analyze your resource utilization and performance metrics, and receive recommendations for rightsizing.
Question #167
A company wants to automatically add and remove Amazon EC2 instances. The company wants the EC2 instances to adjust to varying workloads dynamically.
Which service or feature will meet these requirements?
- A . Amazon DynamoDB
- B . Amazon EC2 Spot Instances
- C . AWS Snow Family
- D . Amazon EC2 Auto Scaling
Correct Answer: D
D
Explanation:
Amazon EC2 Auto Scaling is a service that helps you maintain application availability and allows you to automatically add or remove EC2 instances according to definable conditions. You can create collections of EC2 instances, called Auto Scaling groups, and specify the minimum and maximum number of instances in each group. You can also define scaling policies that adjust the number of instances based on the demand on your application. Amazon EC2 Auto Scaling helps you improve the performance, reliability, and cost-efficiency of your EC2workloads123.
Reference: 1: VDI Desktops – Amazon Work Spaces Family – AWS, 2: What is Amazon EC2 Auto Scaling? – Amazon EC2 Auto Scaling, 3: Discover Amazon EC2 Auto Scaling Unit | Salesforce Trailhead
D
Explanation:
Amazon EC2 Auto Scaling is a service that helps you maintain application availability and allows you to automatically add or remove EC2 instances according to definable conditions. You can create collections of EC2 instances, called Auto Scaling groups, and specify the minimum and maximum number of instances in each group. You can also define scaling policies that adjust the number of instances based on the demand on your application. Amazon EC2 Auto Scaling helps you improve the performance, reliability, and cost-efficiency of your EC2workloads123.
Reference: 1: VDI Desktops – Amazon Work Spaces Family – AWS, 2: What is Amazon EC2 Auto Scaling? – Amazon EC2 Auto Scaling, 3: Discover Amazon EC2 Auto Scaling Unit | Salesforce Trailhead
Question #168
Which of the following is a software development framework that a company can use to define cloud resources as code and provision the resources through AWS CloudFormation?
- A . AWS CLI
- B . AWS Developer Center
- C . AWS Cloud Development Kit (AWS CDK)
- D . AWS CodeStar
Correct Answer: C
C
Explanation:
AWS Cloud Development Kit (AWS CDK) is a software development framework that allows you to define cloud resources as code using familiar programming languages, such as TypeScript, Python, Java, .NET, and Go (in Developer Preview). You can use AWS CDK to model your application resources using high-level constructs that provide sensible defaults and best practices, or use low-level constructs that provide full access to the underlying AWS CloudFormation resources. AWS CDK synthesizes your code into AWS CloudFormation templates that you can deploy using the AWS CDK CLI or the AWS Management Console. AWS CDK also integrates with other AWS services, such as AWS Code Commit, AWS Code Build, AWS Code Pipeline, AWS Lambda, Amazon EC2, Amazon S3, and more, to help you automate your development and deployment processes. AWS CDK is an open-source framework that you can extend and contribute to.
Reference: Cloud Development Framework – AWS Cloud Development Kit – AWS, AWS Cloud Development Kit Documentation, AWS Cloud Development Kit – Wikipedia, AWS CDK Intro Workshop | AWS CDK Workshop
C
Explanation:
AWS Cloud Development Kit (AWS CDK) is a software development framework that allows you to define cloud resources as code using familiar programming languages, such as TypeScript, Python, Java, .NET, and Go (in Developer Preview). You can use AWS CDK to model your application resources using high-level constructs that provide sensible defaults and best practices, or use low-level constructs that provide full access to the underlying AWS CloudFormation resources. AWS CDK synthesizes your code into AWS CloudFormation templates that you can deploy using the AWS CDK CLI or the AWS Management Console. AWS CDK also integrates with other AWS services, such as AWS Code Commit, AWS Code Build, AWS Code Pipeline, AWS Lambda, Amazon EC2, Amazon S3, and more, to help you automate your development and deployment processes. AWS CDK is an open-source framework that you can extend and contribute to.
Reference: Cloud Development Framework – AWS Cloud Development Kit – AWS, AWS Cloud Development Kit Documentation, AWS Cloud Development Kit – Wikipedia, AWS CDK Intro Workshop | AWS CDK Workshop
Question #169
A company wants to query its server logs to gain insights about its customers’ experiences.
Which AWS service will store this data MOST cost-effectively?
- A . Amazon Aurora
- B . Amazon Elastic File System (Amazon EFS)
- C . Amazon Elastic Block Store (Amazon EBS)
- D . Amazon S3
Correct Answer: D
D
Explanation:
Amazon S3 is an AWS service that provides scalable, durable, and cost-effective object storage in the cloud. Amazon S3 can store any amount and type of data, such as server logs, and offers various storage classes with different performance and pricing characteristics. Amazon S3 is the most cost-effective option for storing server logs, as it offers low-cost storage classes, such as S3 Standard-Infrequent Access (S3 Standard-IA) and S3 Intelligent-Tiering, that are suitable for infrequently accessed or changing access patterns data. Amazon S3 also integrates with other AWS services, such as Amazon Athena and Amazon OpenSearch Service, that can query the server logs directly from S3 without requiring any additional data loading or transformation.
Reference: Amazon S3, Amazon S3 Storage Classes, Querying Data in Amazon S3
D
Explanation:
Amazon S3 is an AWS service that provides scalable, durable, and cost-effective object storage in the cloud. Amazon S3 can store any amount and type of data, such as server logs, and offers various storage classes with different performance and pricing characteristics. Amazon S3 is the most cost-effective option for storing server logs, as it offers low-cost storage classes, such as S3 Standard-Infrequent Access (S3 Standard-IA) and S3 Intelligent-Tiering, that are suitable for infrequently accessed or changing access patterns data. Amazon S3 also integrates with other AWS services, such as Amazon Athena and Amazon OpenSearch Service, that can query the server logs directly from S3 without requiring any additional data loading or transformation.
Reference: Amazon S3, Amazon S3 Storage Classes, Querying Data in Amazon S3
Question #170
company wants to protect its AWS Cloud information, systems, and assets while performing risk assessment and mitigation tasks.
Which pillar of the AWS Well-Architected Framework is supported by these goals?
- A . Reliability
- B . Security
- C . Operational excellence
- D . Performance efficiency
Correct Answer: B
B
Explanation:
The pillar of the AWS Well-Architected Framework that is supported by the goals of protecting AWS Cloud information, systems, and assets while performing risk assessment and mitigation tasks is security. Security is the ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies. The security pillar covers topics such as identity and access management, data protection, infrastructure protection, detective controls, incident response, and compliance
B
Explanation:
The pillar of the AWS Well-Architected Framework that is supported by the goals of protecting AWS Cloud information, systems, and assets while performing risk assessment and mitigation tasks is security. Security is the ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies. The security pillar covers topics such as identity and access management, data protection, infrastructure protection, detective controls, incident response, and compliance