Practice Free CLF-C02 Exam Online Questions
Question #201
Which of the following describes an AWS Region?
- A . A specific location within a geographic area that provides high availability
- B . A set of data centers spanning multiple countries
- C . A global picture of a user’s cloud computing environment
- D . A collection of databases that can be accessed from a specific geographic area only
Correct Answer: A
A
Explanation:
An AWS Region is a specific location within a geographic area that provides high availability. An AWS Region consists of two or more Availability Zones, which are isolated locations within the sameRegion. Each Availability Zone has independent power, cooling, and physical security, and is connected to the other Availability Zones in the same Region by low-latency, high-throughput, and highly redundant networking. AWS services are available in multiple Regions around the world, allowing the user to choose where to run their applications and store their data1.
A
Explanation:
An AWS Region is a specific location within a geographic area that provides high availability. An AWS Region consists of two or more Availability Zones, which are isolated locations within the sameRegion. Each Availability Zone has independent power, cooling, and physical security, and is connected to the other Availability Zones in the same Region by low-latency, high-throughput, and highly redundant networking. AWS services are available in multiple Regions around the world, allowing the user to choose where to run their applications and store their data1.
Question #202
A company is connecting multiple VPCs and on-premises networks. The company needs to use an AWS service as a cloud router to simplify peering relationships.
Which AWS service can the company use to meet this requirement?
- A . AWS Direct Connect
- B . AWS Transit Gateway
- C . Amazon Connect
- D . Amazon Route 53
Correct Answer: B
B
Explanation:
AWS Transit Gateway acts as a cloud router for connecting multiple VPCs and on-premises networks, simplifying network management by creating a hub-and-spoke model for routing traffic. Direct Connect provides a private connection to AWS but does not function as a central router. Amazon
Connect is unrelated, and Route 53 is for DNS services, not VPC connectivity.
B
Explanation:
AWS Transit Gateway acts as a cloud router for connecting multiple VPCs and on-premises networks, simplifying network management by creating a hub-and-spoke model for routing traffic. Direct Connect provides a private connection to AWS but does not function as a central router. Amazon
Connect is unrelated, and Route 53 is for DNS services, not VPC connectivity.
Question #203
Which design principles should a company apply to AWS Cloud workloads to maximize sustainability and minimize environmental impact? (Select TWO.)
- A . Maximize utilization of Amazon EC2 instances.
- B . Minimize utilization of Amazon EC2 instances.
- C . Minimize usage of managed services.
- D . Force frequent application reinstallations by users.
- E . Reduce the need for users to reinstall applications.
Correct Answer: A,E
A,E
Explanation:
To maximize sustainability and minimize environmental impact, a company should apply the following design principles to AWS Cloud workloads: maximize utilization of Amazon EC2 instances and reduce the need for users to reinstall applications. Maximizing utilization of Amazon EC2 instances means that the company can optimize the performance and efficiency of their compute resources, and avoid wasting energy and money on idle or underutilized instances. The company can use features such as Amazon EC2 Auto Scaling, Amazon EC2 Spot Instances, and AWS Compute Optimizer to automatically adjust the number and type of instances based on demand, cost, and performance. Reducing the need for users to reinstall applications means that the company can minimize the amount of data and bandwidth required to deliver their applications to users, and avoid unnecessary downloads and updates that consume energy and resources. The company can use services such as Amazon CloudFront, AWS AppStream 2.0, and AWS Amplify to deliver their applications faster, more securely, and more efficiently to users across the globe. Minimizing utilization of Amazon EC2 instances, minimizing usage of managed services, and forcing frequent application reinstallations by users are not design principles that would maximize sustainability and minimize environmental impact. Minimizing utilization of Amazon EC2 instances would reduce the performance and efficiency of the compute resources, and potentially increase the costs and complexity of the cloud workloads. Minimizing usage of managed services would increase the operational overhead and responsibility of the company, and potentially expose them to more security and reliability risks. Forcing frequent application reinstallations by users would increase the amount of data and bandwidth required to deliver the applications to users, and potentially degrade the user experience and satisfaction.
A,E
Explanation:
To maximize sustainability and minimize environmental impact, a company should apply the following design principles to AWS Cloud workloads: maximize utilization of Amazon EC2 instances and reduce the need for users to reinstall applications. Maximizing utilization of Amazon EC2 instances means that the company can optimize the performance and efficiency of their compute resources, and avoid wasting energy and money on idle or underutilized instances. The company can use features such as Amazon EC2 Auto Scaling, Amazon EC2 Spot Instances, and AWS Compute Optimizer to automatically adjust the number and type of instances based on demand, cost, and performance. Reducing the need for users to reinstall applications means that the company can minimize the amount of data and bandwidth required to deliver their applications to users, and avoid unnecessary downloads and updates that consume energy and resources. The company can use services such as Amazon CloudFront, AWS AppStream 2.0, and AWS Amplify to deliver their applications faster, more securely, and more efficiently to users across the globe. Minimizing utilization of Amazon EC2 instances, minimizing usage of managed services, and forcing frequent application reinstallations by users are not design principles that would maximize sustainability and minimize environmental impact. Minimizing utilization of Amazon EC2 instances would reduce the performance and efficiency of the compute resources, and potentially increase the costs and complexity of the cloud workloads. Minimizing usage of managed services would increase the operational overhead and responsibility of the company, and potentially expose them to more security and reliability risks. Forcing frequent application reinstallations by users would increase the amount of data and bandwidth required to deliver the applications to users, and potentially degrade the user experience and satisfaction.
Question #204
Which AWS service or tool provides users with the ability to monitor AWS service quotas?
- A . AWS CloudTrail
- B . AWS Cost and Usage Reports
- C . AWS Trusted Advisor
- D . AWS Budgets
Correct Answer: C
C
Explanation:
The correct answer is C because AWS Trusted Advisor is an AWS service or tool that provides users with the ability to monitor AWS service quotas. AWS Trusted Advisor is an online tool that provides users with real-time guidance to help them provision their resources following AWS best practices.
One of the categories of checks that AWS Trusted Advisor performs is service limits, which monitors the usage of each AWS service and alerts users when they are close to reaching the default limit. The other options are incorrect because they are not AWS services or tools that provide users with the ability to monitor AWS service quotas. AWS CloudTrail is a service that enables users to track user activity and API usage across their AWS account. AWS Cost and Usage Reports is a tool that enables users to access comprehensive information about their AWS costs and usage. AWS Budgets is a tool that enables users to plan their service usage, costs, and reservations.
Reference: [AWS Trusted Advisor FAQs]
C
Explanation:
The correct answer is C because AWS Trusted Advisor is an AWS service or tool that provides users with the ability to monitor AWS service quotas. AWS Trusted Advisor is an online tool that provides users with real-time guidance to help them provision their resources following AWS best practices.
One of the categories of checks that AWS Trusted Advisor performs is service limits, which monitors the usage of each AWS service and alerts users when they are close to reaching the default limit. The other options are incorrect because they are not AWS services or tools that provide users with the ability to monitor AWS service quotas. AWS CloudTrail is a service that enables users to track user activity and API usage across their AWS account. AWS Cost and Usage Reports is a tool that enables users to access comprehensive information about their AWS costs and usage. AWS Budgets is a tool that enables users to plan their service usage, costs, and reservations.
Reference: [AWS Trusted Advisor FAQs]
Question #205
Which type of AWS storage is ephemeral and is deleted when an Amazon EC2 instance is stopped or terminated?
- A . Amazon Elastic Block Store (Amazon EBS)
- B . Amazon EC2 instance store
- C . Amazon Elastic File System (Amazon EFS)
- D . Amazon S3
Correct Answer: B
B
Explanation:
Amazon EC2 instance store provides temporary block-level storage for your EC2 instance. This storage is located on disks that are physically attached to the host computer. Instance store is ideal for temporary storage of information that changes frequently, such as buffers, caches, scratch data,and other temporary content. It can also be used to store temporary data that you replicate across a fleet of instances, such as a load-balanced pool of web servers. An instance store consists of one or more instance store volumes exposed as block devices. The size of an instance store as well as the number of devices available varies by instance type and instance size. The virtual devices for instance store volumes are ephemeral[0-23]. Instance types that support one instance store volume have ephemeral0. Instance types that support two or more instance store volumes have ephemeral0, ephemeral1, and so on. Instance store pricing Instance store volumes are included as part of the instance’s usage cost. The data on an instance store volume persists even if the instance is rebooted. However, the data does not persist if the instance is stopped, hibernated, or terminated. When the instance is stopped, hibernated, or terminated, every block of the instance store volume is cryptographically erased. Therefore, do not rely on instance store volumes for valuable, long-term data. If you need to retain the data stored on an instance store volume beyond the lifetime of the instance, you need to manually copy that data to more persistent storage, such as an Amazon EBS volume, an Amazon S3 bucket, or an Amazon EFS file system. There are some events that can result in your data not persisting throughout the lifetime of the instance. The following table indicates whether data on instance store volumes is persisted during specific events, for both virtualized and bare metal instances1.
Reference: Amazon EC2 instance store – Amazon Elastic Compute Cloud
B
Explanation:
Amazon EC2 instance store provides temporary block-level storage for your EC2 instance. This storage is located on disks that are physically attached to the host computer. Instance store is ideal for temporary storage of information that changes frequently, such as buffers, caches, scratch data,and other temporary content. It can also be used to store temporary data that you replicate across a fleet of instances, such as a load-balanced pool of web servers. An instance store consists of one or more instance store volumes exposed as block devices. The size of an instance store as well as the number of devices available varies by instance type and instance size. The virtual devices for instance store volumes are ephemeral[0-23]. Instance types that support one instance store volume have ephemeral0. Instance types that support two or more instance store volumes have ephemeral0, ephemeral1, and so on. Instance store pricing Instance store volumes are included as part of the instance’s usage cost. The data on an instance store volume persists even if the instance is rebooted. However, the data does not persist if the instance is stopped, hibernated, or terminated. When the instance is stopped, hibernated, or terminated, every block of the instance store volume is cryptographically erased. Therefore, do not rely on instance store volumes for valuable, long-term data. If you need to retain the data stored on an instance store volume beyond the lifetime of the instance, you need to manually copy that data to more persistent storage, such as an Amazon EBS volume, an Amazon S3 bucket, or an Amazon EFS file system. There are some events that can result in your data not persisting throughout the lifetime of the instance. The following table indicates whether data on instance store volumes is persisted during specific events, for both virtualized and bare metal instances1.
Reference: Amazon EC2 instance store – Amazon Elastic Compute Cloud
Question #206
Which AWS Cloud design principle does a company follow by using AWS CloudTrail?
- A . Recover automatically.
- B . Perform operations as code.
- C . Measure efficiency.
- D . Ensure traceability.
Correct Answer: D
D
Explanation:
The company follows the AWS Cloud design principle of ensuring traceability by using AWS CloudTrail. AWS CloudTrail is a service that records the API calls and events made by or on behalf of the AWS account. The company can use AWS CloudTrail to monitor, audit, and analyze the activity and changes in their AWS resources and applications. AWS CloudTrail helps the company to achieve compliance, security, governance, and operational efficiency. Recovering automatically, performing operations as code, and measuring efficiency are other AWS Cloud design principles, but they are not directly related to using AWS CloudTrail. Recovering automatically means that the company can design their cloud workloads to handle failures gracefully and resume normal operations without manual intervention. Performing operations as code means that the company can automate the creation, configuration, and management of their cloud resources using scripts or templates. Measuring efficiency means that the company can monitor and optimize the performance and utilization of their cloud resources and applications34
D
Explanation:
The company follows the AWS Cloud design principle of ensuring traceability by using AWS CloudTrail. AWS CloudTrail is a service that records the API calls and events made by or on behalf of the AWS account. The company can use AWS CloudTrail to monitor, audit, and analyze the activity and changes in their AWS resources and applications. AWS CloudTrail helps the company to achieve compliance, security, governance, and operational efficiency. Recovering automatically, performing operations as code, and measuring efficiency are other AWS Cloud design principles, but they are not directly related to using AWS CloudTrail. Recovering automatically means that the company can design their cloud workloads to handle failures gracefully and resume normal operations without manual intervention. Performing operations as code means that the company can automate the creation, configuration, and management of their cloud resources using scripts or templates. Measuring efficiency means that the company can monitor and optimize the performance and utilization of their cloud resources and applications34
Question #207
An ecommerce company has deployed a new web application on Amazon EC2 Instances. The company wants to distribute incoming HTTP traffic evenly across all running instances.
Which AWS service or resource will meet this requirement?
- A . Amazon EC2 Auto Scaling
- B . Application Load Balancer
- C . Gateway Load Balancer
- D . Network Load Balancer
Correct Answer: B
B
Explanation:
AnApplication Load Balancer (ALB)is the best choice for distributing incoming HTTP/HTTPS traffic evenly across multiple Amazon EC2 instances. It operates at theapplication layer (Layer 7 of the OSI model) and is specifically designed to handle HTTP and HTTPS traffic, which is ideal for web applications.
Here is why the ALB is the correct choice:
Layer 7 Load Balancing: The ALB works at the application layer and provides advanced routing capabilities based on content. It can inspect the incoming HTTP requests and make decisions on how to route traffic to various backend targets, which include Amazon EC2 instances, containers, or Lambda functions. This is particularly useful for web applications where you need to make routing decisions based on HTTP headers, paths, or query strings.
HTTP and HTTPS Support: The ALB natively supports HTTP and HTTPS protocols, making it the ideal load balancer for web-based applications. It can efficiently manage and route these types of traffic and handle tasks such as SSL/TLS termination.
Health Checks: The ALB can continuously monitor the health of the registered EC2 instances and only route traffic to healthy instances. This ensures high availability and reliability of the web application. Path-based and Host-based Routing: The ALB can route traffic based on the URL path or host header. This feature allows the same load balancer to serve multiple applications hosted on different domains or subdomains.
Integration with Auto Scaling: The ALB can integrate seamlessly with Amazon EC2 Auto Scaling. As the number of EC2 instances increases or decreases, the ALB automatically includes the new instances in its traffic distribution pool, ensuring even distribution of incoming requests. WebSocket Support: It also supports WebSocket and HTTP/2 protocols, which are essential for modern web applications that require real-time, bidirectional communication.
Why other options are not suitable:
B
Explanation:
AnApplication Load Balancer (ALB)is the best choice for distributing incoming HTTP/HTTPS traffic evenly across multiple Amazon EC2 instances. It operates at theapplication layer (Layer 7 of the OSI model) and is specifically designed to handle HTTP and HTTPS traffic, which is ideal for web applications.
Here is why the ALB is the correct choice:
Layer 7 Load Balancing: The ALB works at the application layer and provides advanced routing capabilities based on content. It can inspect the incoming HTTP requests and make decisions on how to route traffic to various backend targets, which include Amazon EC2 instances, containers, or Lambda functions. This is particularly useful for web applications where you need to make routing decisions based on HTTP headers, paths, or query strings.
HTTP and HTTPS Support: The ALB natively supports HTTP and HTTPS protocols, making it the ideal load balancer for web-based applications. It can efficiently manage and route these types of traffic and handle tasks such as SSL/TLS termination.
Health Checks: The ALB can continuously monitor the health of the registered EC2 instances and only route traffic to healthy instances. This ensures high availability and reliability of the web application. Path-based and Host-based Routing: The ALB can route traffic based on the URL path or host header. This feature allows the same load balancer to serve multiple applications hosted on different domains or subdomains.
Integration with Auto Scaling: The ALB can integrate seamlessly with Amazon EC2 Auto Scaling. As the number of EC2 instances increases or decreases, the ALB automatically includes the new instances in its traffic distribution pool, ensuring even distribution of incoming requests. WebSocket Support: It also supports WebSocket and HTTP/2 protocols, which are essential for modern web applications that require real-time, bidirectional communication.
Why other options are not suitable:
Question #208
A company simulates workflows to review and validate that all processes are effective and that staff are familiar with the processes.
Which design principle of the AWS Well-Architected Framework is the company following with this practice?
- A . Perform operations as code.
- B . Refine operation procedures frequently.
- C . Make frequent, small, reversible changes.
- D . Structure the company to support business outcomes.
Correct Answer: B
B
Explanation:
Refine operation procedures frequently is one of the design principles of the operational excellence pillar of the AWS Well-Architected Framework. It means that users should continuously review and validate their operational processes to ensure that they are effective and that staff are familiar with them. It also means that users should identify and address any gaps or issues in their processes, and incorporate feedback and lessons learned from operational events5. Perform operations as code is another design principle of the operational excellence pillar, which means that users should automate and script their operational tasks to reduce human error and enable consistent and repeatable execution. Make frequent, small, reversible changes is a design principle of the reliability pillar, which means that users should deploy changes in small increments that can be easily tested and rolled back if necessary. Structure the company to support business outcomes is a design principle of the performance efficiency pillar, which means that users should align their organizational structure and culture with their business goals and cloud strategy.
B
Explanation:
Refine operation procedures frequently is one of the design principles of the operational excellence pillar of the AWS Well-Architected Framework. It means that users should continuously review and validate their operational processes to ensure that they are effective and that staff are familiar with them. It also means that users should identify and address any gaps or issues in their processes, and incorporate feedback and lessons learned from operational events5. Perform operations as code is another design principle of the operational excellence pillar, which means that users should automate and script their operational tasks to reduce human error and enable consistent and repeatable execution. Make frequent, small, reversible changes is a design principle of the reliability pillar, which means that users should deploy changes in small increments that can be easily tested and rolled back if necessary. Structure the company to support business outcomes is a design principle of the performance efficiency pillar, which means that users should align their organizational structure and culture with their business goals and cloud strategy.
Question #209
An administrator observed that multiple AWS resources were deleted yesterday.
Which AWS service will help identify the cause and determine which user deleted the resources?
- A . AWS CtoudTrail
- B . Amazon Inspector
- C . Amazon GuardDuty
- D . AWS Trusted Advisor
Correct Answer: A
A
Explanation:
AWS CloudTrailis a service that enables governance, compliance, and operational and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail logs provide a history of AWS API calls for your account, including those made by the AWS Management Console, AWS SDKs, command-line tools, and other AWS services. In this case, AWS CloudTrail will help the administrator identify which user deleted the resources by reviewing the event history that records details such as which user performed the action, the time of the action, and which resources were affected.
B. Amazon Inspector: Incorrect, as it is a security assessment service that helps identify vulnerabilities and deviations from best practices, not for tracking user activity.
C. Amazon GuardDuty: Incorrect, as it is a threat detection service that monitors malicious activity and unauthorized behavior, not specifically for tracking changes made by users.
D. AWS Trusted Advisor: Incorrect, as it provides best practices and guidance for cost optimization, security, fault tolerance, and performance, not for logging user actions. AWS Cloud
Reference: AWS CloudTrail
A
Explanation:
AWS CloudTrailis a service that enables governance, compliance, and operational and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail logs provide a history of AWS API calls for your account, including those made by the AWS Management Console, AWS SDKs, command-line tools, and other AWS services. In this case, AWS CloudTrail will help the administrator identify which user deleted the resources by reviewing the event history that records details such as which user performed the action, the time of the action, and which resources were affected.
B. Amazon Inspector: Incorrect, as it is a security assessment service that helps identify vulnerabilities and deviations from best practices, not for tracking user activity.
C. Amazon GuardDuty: Incorrect, as it is a threat detection service that monitors malicious activity and unauthorized behavior, not specifically for tracking changes made by users.
D. AWS Trusted Advisor: Incorrect, as it provides best practices and guidance for cost optimization, security, fault tolerance, and performance, not for logging user actions. AWS Cloud
Reference: AWS CloudTrail
Question #210
A company has a compliance requirement to record and evaluate configuration changes, as well as perform remediation actions on AWS resources.
Which AWS service should the company use?
- A . AWS Config
- B . AWS Secrets Manager
- C . AWS CloudTrail
- D . AWS Trusted Advisor
Correct Answer: A
A
Explanation:
AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. AWS Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations. With AWS Config, you can review changes in configurations and relationships between AWS resources, dive into detailed resource configuration histories, and determine your overall compliance against the configurations specified in your internal guidelines. This can help you simplify compliance auditing, security analysis, change management, and operational troubleshooting1.
A
Explanation:
AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. AWS Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations. With AWS Config, you can review changes in configurations and relationships between AWS resources, dive into detailed resource configuration histories, and determine your overall compliance against the configurations specified in your internal guidelines. This can help you simplify compliance auditing, security analysis, change management, and operational troubleshooting1.