Practice Free CLF-C02 Exam Online Questions
Question #171
A company wants to develop a shopping application that records customer orders. The application needs to use an AWS managed database service to store data.
Which AWS service should the company use to meet these requirements?
- A . Amazon RDS
- B . Amazon Redshift
- C . Amazon ElastiCache
- D . Amazon Neptune
Correct Answer: A
A
Explanation:
A is correct because Amazon RDS is the AWS service that provides a managed relational database service that supports various database engines, such as MySQL, PostgreSQL, Oracle, and SQL Server.
B is incorrect because Amazon Redshift is the AWS service that provides a managed data warehouse service that is optimized for analytical queries.
C is incorrect because Amazon ElastiCache is the AWS service that provides a managed in-memory data store service that supports Redis and Memcached.
D is incorrect because Amazon Neptune is the AWS service that provides a managed graph database service that supports property graph and RDF models.
A
Explanation:
A is correct because Amazon RDS is the AWS service that provides a managed relational database service that supports various database engines, such as MySQL, PostgreSQL, Oracle, and SQL Server.
B is incorrect because Amazon Redshift is the AWS service that provides a managed data warehouse service that is optimized for analytical queries.
C is incorrect because Amazon ElastiCache is the AWS service that provides a managed in-memory data store service that supports Redis and Memcached.
D is incorrect because Amazon Neptune is the AWS service that provides a managed graph database service that supports property graph and RDF models.
Question #172
Which AWS solution gives companies the ability to use protocols such as NFS to store and retrieve objects in Amazon S3?
- A . Amazon FSx for Lustre
- B . AWS Storage Gateway volume gateway
- C . AWS Storage Gateway file gateway
- D . Amazon Elastic File System (Amazon EFS)
Correct Answer: C
C
Explanation:
AWS Storage Gateway file gateway allows companies to use protocols such as NFS and SMB to store and retrieve objects in Amazon S3. File gateway provides a seamless integration between on-premises applications and Amazon S3, and enables low-latency access to data through local caching. File gateway also supports encryption, compression, and lifecycle management of the objects in Amazon S3. For more information, see What is AWS Storage Gateway? and File Gateway.
C
Explanation:
AWS Storage Gateway file gateway allows companies to use protocols such as NFS and SMB to store and retrieve objects in Amazon S3. File gateway provides a seamless integration between on-premises applications and Amazon S3, and enables low-latency access to data through local caching. File gateway also supports encryption, compression, and lifecycle management of the objects in Amazon S3. For more information, see What is AWS Storage Gateway? and File Gateway.
Question #173
A company wants to migrate to AWS and use the same security software it uses on premises. The security software vendor offers its security software as a service on AWS.
Where can the company purchase the security solution?
- A . AWS Partner Solutions Finder
- B . AWS Support Center
- C . AWS Management Console
- D . AWS Marketplace
Correct Answer: D
D
Explanation:
AWS Marketplace is an online store that helps customers find, buy, and immediately start using the software and services that run on AWS. Customers can choose from a wide range of software products in popular categories such as security, networking, storage, machine learning, business intelligence, database, and DevOps. Customers can also use AWS Marketplace to purchase software as a service (SaaS) solution that are integrated with AWS. Customers can benefit from simplified procurement, billing, and deployment processes, as well as flexible pricing options and free trials. Customers can also leverage AWS Marketplace to discover and subscribe to solutions offered by AWS Partners, such as the security software vendor mentioned in the question.
Reference: AWS Marketplace, [AWS Marketplace: Software as a Service (SaaS)], [AWS Cloud Practitioner Essentials: Module 6 – AWS Pricing, Billing, and Support]
D
Explanation:
AWS Marketplace is an online store that helps customers find, buy, and immediately start using the software and services that run on AWS. Customers can choose from a wide range of software products in popular categories such as security, networking, storage, machine learning, business intelligence, database, and DevOps. Customers can also use AWS Marketplace to purchase software as a service (SaaS) solution that are integrated with AWS. Customers can benefit from simplified procurement, billing, and deployment processes, as well as flexible pricing options and free trials. Customers can also leverage AWS Marketplace to discover and subscribe to solutions offered by AWS Partners, such as the security software vendor mentioned in the question.
Reference: AWS Marketplace, [AWS Marketplace: Software as a Service (SaaS)], [AWS Cloud Practitioner Essentials: Module 6 – AWS Pricing, Billing, and Support]
Question #174
A company has a compliance requirement to record and evaluate configuration changes, as well as perform remediation actions on AWS resources.
Which AWS service should the company use?
- A . AWS Config
- B . AWS Secrets Manager
- C . AWS CloudTrail
- D . AWS Trusted Advisor
Correct Answer: A
A
Explanation:
AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. AWS Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations. With AWS Config, you can review changes in configurations and relationships between AWS resources, dive into detailed resource configuration histories, and determine your overall compliance against the configurations specified in your internal guidelines. This can help you simplify compliance auditing, security analysis, change management, and operational troubleshooting1.
A
Explanation:
AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. AWS Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations. With AWS Config, you can review changes in configurations and relationships between AWS resources, dive into detailed resource configuration histories, and determine your overall compliance against the configurations specified in your internal guidelines. This can help you simplify compliance auditing, security analysis, change management, and operational troubleshooting1.
Question #175
Which AWS Support plan provides the full set of AWS Trusted Advisor checks at the LOWEST cost?
- A . AWS Developer Support
- B . AWS Business Support
- C . AWS Enterprise On-Ramp Support
- D . AWS Enterprise Support
Correct Answer: B
B
Explanation:
The AWS Support plan that provides the full set of AWS Trusted Advisor checks at the lowest cost is the AWS Business Support plan. The AWS Business Support plan includes access to the complete set of Trusted Advisor checks, which cover areas such as cost optimization, security, performance, fault tolerance, and service limits. This plan is specifically designed to support production workloads and includes 24/7 access to cloud support engineers, response times for impaired systems, and other enhanced technical support features.
AWS Developer Support, while more affordable, only provides limited Trusted Advisor checks, specifically around Service Limits and basic Security checks. Full access to all Trusted Advisor checks is only available with Business Support and higher-tier plans, such as Enterprise On-Ramp and Enterprise Support
B
Explanation:
The AWS Support plan that provides the full set of AWS Trusted Advisor checks at the lowest cost is the AWS Business Support plan. The AWS Business Support plan includes access to the complete set of Trusted Advisor checks, which cover areas such as cost optimization, security, performance, fault tolerance, and service limits. This plan is specifically designed to support production workloads and includes 24/7 access to cloud support engineers, response times for impaired systems, and other enhanced technical support features.
AWS Developer Support, while more affordable, only provides limited Trusted Advisor checks, specifically around Service Limits and basic Security checks. Full access to all Trusted Advisor checks is only available with Business Support and higher-tier plans, such as Enterprise On-Ramp and Enterprise Support
Question #176
Which action should a company take to improve security in its AWS account?
- A . Require multi-factor authentication (MFA) for privileged users.
- B . Remove the root user account.
- C . Create an access key for the AWS account root user.
- D . Create an access key for each privileged user.
Correct Answer: A
A
Explanation:
Enforcing multi-factor authentication (MFA) for privileged users enhances account security by requiring a second form of authentication. It reduces the risk of unauthorized access, even if credentials are compromised. Removing the root account is not possible, and creating access keys for the root account or privileged users can increase security risks rather than reduce them.
A
Explanation:
Enforcing multi-factor authentication (MFA) for privileged users enhances account security by requiring a second form of authentication. It reduces the risk of unauthorized access, even if credentials are compromised. Removing the root account is not possible, and creating access keys for the root account or privileged users can increase security risks rather than reduce them.
Question #177
Which group shares responsibility with AWS for security and compliance of AWS accounts and resources?
- A . Third-party vendors
- B . Customers
- C . Reseller partners
- D . Internet providers
Correct Answer: B
B
Explanation:
Customers share responsibility with AWS for security and compliance of AWS accounts and resources. This is part of the AWS shared responsibility model, which defines the division of responsibilities between AWS and the customer for security and compliance. AWS is responsible for the security of the cloud, which includes the physical and environmental controls of the AWS global infrastructure, such as power, cooling, fire suppression, and physical access. The customer is responsible for the security in the cloud, which includes the configuration and management of the AWS resources and applications, such as identity and access management, encryption, firewall, and backup. For more information, see AWS Shared Responsibility Model and AWS Cloud Security.
B
Explanation:
Customers share responsibility with AWS for security and compliance of AWS accounts and resources. This is part of the AWS shared responsibility model, which defines the division of responsibilities between AWS and the customer for security and compliance. AWS is responsible for the security of the cloud, which includes the physical and environmental controls of the AWS global infrastructure, such as power, cooling, fire suppression, and physical access. The customer is responsible for the security in the cloud, which includes the configuration and management of the AWS resources and applications, such as identity and access management, encryption, firewall, and backup. For more information, see AWS Shared Responsibility Model and AWS Cloud Security.
Question #178
Which database engines does Amazon Aurora support? (Select TWO.)
- A . Oracle
- B . Microsoft SQL Server
- C . MySQL
- D . PostgreSQL
- E . MongoDB
Correct Answer: C,D
C,D
Explanation:
Amazon Aurora is a relational database service that is compatible with MySQL and PostgreSQL engines. It delivers up to five times the performance of MySQL and up to three times the performance of PostgreSQL. It also provides high availability, scalability, security, and durability1
C,D
Explanation:
Amazon Aurora is a relational database service that is compatible with MySQL and PostgreSQL engines. It delivers up to five times the performance of MySQL and up to three times the performance of PostgreSQL. It also provides high availability, scalability, security, and durability1
Question #179
A company has developed a distributed application that recovers gracefully from interruptions. The application periodically processes large volumes of data by using multiple Amazon EC2 instances. The application is sometimes idle for months.
Which EC2 instance purchasing option is MOST cost-effective for this use case?
- A . Reserved Instances
- B . Spot Instances
- C . Dedicated Instances
- D . On-Demand Instances
Correct Answer: B
B
Explanation:
Spot Instances are instances that use spare EC2 capacity that is available for up to 90% off the On-Demand price. Because Spot Instances can be interrupted by EC2 with two minutes of notification when EC2 needs the capacity back, you can use them for applications that have flexible start and end times, or that can withstand interruptions5. This option is most cost-effective for the use case described in the question. Reserved Instances are instances that you purchase for a one-year or three-year term, and pay a lower hourly rate compared to On-Demand Instances. This option is suitable for applications that have steady state or predictable usage. Dedicated Instances are instances that run on hardware that’s dedicated to a single customer within an Amazon VPC. This option is suitable for applications that have stringent regulatory or compliance requirements. On-Demand Instances are instances that you pay for by the second, with no long-term commitments or upfront payments. This option is suitable for applications that have unpredictable or intermittent workloads.
B
Explanation:
Spot Instances are instances that use spare EC2 capacity that is available for up to 90% off the On-Demand price. Because Spot Instances can be interrupted by EC2 with two minutes of notification when EC2 needs the capacity back, you can use them for applications that have flexible start and end times, or that can withstand interruptions5. This option is most cost-effective for the use case described in the question. Reserved Instances are instances that you purchase for a one-year or three-year term, and pay a lower hourly rate compared to On-Demand Instances. This option is suitable for applications that have steady state or predictable usage. Dedicated Instances are instances that run on hardware that’s dedicated to a single customer within an Amazon VPC. This option is suitable for applications that have stringent regulatory or compliance requirements. On-Demand Instances are instances that you pay for by the second, with no long-term commitments or upfront payments. This option is suitable for applications that have unpredictable or intermittent workloads.
Question #180
A company wants to provide managed Windows virtual desktops and applications to its remote employees over secure network connections.
Which AWS services can the company use to meet these requirements? (Select TWO.)
- A . Amazon Connect
- B . Amazon AppStream 2.0
- C . Amazon Workspaces
- D . AWS Site-to-Site VPN
- E . Amazon Elastic Container Service (Amazon ECS)
Correct Answer: B,C
B,C
Explanation:
Amazon AppStream 2.0 and Amazon WorkSpaces are AWS services that can be used to provide
managed Windows virtual desktops and applications to remote employees over secure network
connections. Amazon AppStream 2.0 is a fully managed application streaming service that allows
users to access Windows desktop applications from any device, without installing or managing any
software. Amazon AppStream 2.0 delivers applications over an encrypted connection and isolates
them from the underlying infrastructure, ensuring security and compliance1. Amazon WorkSpaces is
a fully managed desktop virtualization service that allows users to access Windows or Linux desktops
from any device, with a consistent user experience. Amazon WorkSpaces provides persistent, cloud-
based virtual desktops that can be customized and scaled according to the user’s needs. Amazon
WorkSpaces also offers encryption, backup, and monitoring features to ensure security and
reliability2.
Reference: Amazon AppStream 2.0
Amazon WorkSpaces
B,C
Explanation:
Amazon AppStream 2.0 and Amazon WorkSpaces are AWS services that can be used to provide
managed Windows virtual desktops and applications to remote employees over secure network
connections. Amazon AppStream 2.0 is a fully managed application streaming service that allows
users to access Windows desktop applications from any device, without installing or managing any
software. Amazon AppStream 2.0 delivers applications over an encrypted connection and isolates
them from the underlying infrastructure, ensuring security and compliance1. Amazon WorkSpaces is
a fully managed desktop virtualization service that allows users to access Windows or Linux desktops
from any device, with a consistent user experience. Amazon WorkSpaces provides persistent, cloud-
based virtual desktops that can be customized and scaled according to the user’s needs. Amazon
WorkSpaces also offers encryption, backup, and monitoring features to ensure security and
reliability2.
Reference: Amazon AppStream 2.0
Amazon WorkSpaces