Practice Free CLF-C02 Exam Online Questions
Question #221
A company wants a cost-effective option when running its applications in an Amazon EC2 instance for short time periods. The applications can be interrupted.
Which EC2 instance type will meet these requirements?
- A . Spot Instances
- B . On-Demand Instances
- C . Reserved Instances
- D . Dedicated Instances
Correct Answer: A
A
Explanation:
Spot Instances provide a cost-effective option for running Amazon EC2 instances for workloads that can tolerate interruptions. They allow you to use unused EC2 capacity in the AWS Cloud at a discounted price, making them suitable for applications that are flexible in terms of start and stop times. On-Demand Instances are more expensive and do not provide discounts for short-term, interruptible workloads, while Reserved and Dedicated Instances are for long-term or specific hardware needs.
A
Explanation:
Spot Instances provide a cost-effective option for running Amazon EC2 instances for workloads that can tolerate interruptions. They allow you to use unused EC2 capacity in the AWS Cloud at a discounted price, making them suitable for applications that are flexible in terms of start and stop times. On-Demand Instances are more expensive and do not provide discounts for short-term, interruptible workloads, while Reserved and Dedicated Instances are for long-term or specific hardware needs.
Question #222
How can an AWS user conduct security assessments of Amazon EC2 instances, NAT gateways, and Elastic
Load Balancers in a way that is approved by AWS?
- A . Flood a target with requests.
- B . Use Amazon Inspector.
- C . Perform penetration testing.
- D . Use the AWS Service Health Dashboard.
Correct Answer: B
B
Explanation:
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity2.
B
Explanation:
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity2.
Question #223
Which AWS Well-Architected Framework concept represents a system’s ability to remain functional when the system encounters operational problems?
- A . Consistency
- B . Elasticity
- C . Durability
- D . Latency
Correct Answer: B
B
Explanation:
The AWS Well-Architected Framework is a set of best practices and guidelines for designing and operating systems in the cloud. The framework consists of five pillars: operational excellence, security, reliability, performance efficiency, and cost optimization. The concept of elasticity represents a system’s ability to adapt to changes in demand by scaling resources up or down automatically. Therefore, the correct answer is B. You can learn more about the AWS Well-Architected Framework and its pillars
B
Explanation:
The AWS Well-Architected Framework is a set of best practices and guidelines for designing and operating systems in the cloud. The framework consists of five pillars: operational excellence, security, reliability, performance efficiency, and cost optimization. The concept of elasticity represents a system’s ability to adapt to changes in demand by scaling resources up or down automatically. Therefore, the correct answer is B. You can learn more about the AWS Well-Architected Framework and its pillars
Question #224
Which AWS service provides protection against DDoS attacks for applications that run in the AWS Cloud?
- A . Amazon VPC
- B . AWS Shield
- C . AWS Audit Manager
- D . AWS Config
Correct Answer: B
B
Explanation:
AWS Shield is an AWS service that provides protection against distributed denial of service (DDoS) attacks for applications that run in the AWS Cloud. DDoS attacks are attempts to make an online service unavailable by overwhelming it with traffic from multiple sources. AWS Shield provides two tiers of protection: AWS Shield Standard and AWS Shield Advanced. AWS Shield Standard is automatically enabled for all AWS customers at no additional charge. It provides protection against common and frequently occurring network and transport layer DDoS attacks. AWS Shield Advanced is an optional paid service that provides additional protection against larger and more sophisticated DDoS attacks. AWS Shield Advanced also provides access to 24/7 DDoS response team, cost protection, and enhanced detection and mitigation capabilities
B
Explanation:
AWS Shield is an AWS service that provides protection against distributed denial of service (DDoS) attacks for applications that run in the AWS Cloud. DDoS attacks are attempts to make an online service unavailable by overwhelming it with traffic from multiple sources. AWS Shield provides two tiers of protection: AWS Shield Standard and AWS Shield Advanced. AWS Shield Standard is automatically enabled for all AWS customers at no additional charge. It provides protection against common and frequently occurring network and transport layer DDoS attacks. AWS Shield Advanced is an optional paid service that provides additional protection against larger and more sophisticated DDoS attacks. AWS Shield Advanced also provides access to 24/7 DDoS response team, cost protection, and enhanced detection and mitigation capabilities
Question #225
A company has multiple AWS accounts. The company needs to receive a consolidated bill from AWS and must centrally manage security and compliance.
Which AWS service or feature should the company use to meet these requirements?
- A . AWS Cost and Usage Report
- B . AWS Organizations
- C . AWS Config
- D . AWS Security Hub
Correct Answer: B
B
Explanation:
AWS Organizations enables consolidated billing across multiple AWS accounts and allows for centralized management of security and compliance policies. It provides account grouping and centralized payment management, making it the optimal choice for a company requiring consolidated billing and centralized governance. AWS Cost and Usage Report only provides billing information, and AWS Config and Security Hub offer monitoring and security insights but do not handle billing consolidation.
B
Explanation:
AWS Organizations enables consolidated billing across multiple AWS accounts and allows for centralized management of security and compliance policies. It provides account grouping and centralized payment management, making it the optimal choice for a company requiring consolidated billing and centralized governance. AWS Cost and Usage Report only provides billing information, and AWS Config and Security Hub offer monitoring and security insights but do not handle billing consolidation.
Question #226
A company wants its Amazon EC2 instances to share the same geographic area but use redundant underlying power sources.
Which solution will meet these requirements?
- A . Use EC2 instances across multiple Availability Zones in the same AWS Region.
- B . Use Amazon CloudFront as the database for the EC2 instances.
- C . Use EC2 instances in the same edge location and the same Availability Zone.
- D . Use EC2 instances in AWS OpsWorks stacks in different AWS Regions.
Correct Answer: A
A
Explanation:
Using EC2 instances across multiple Availability Zones in the same AWS Region is a solution that meets the requirements of sharing the same geographic area but using redundant underlying power sources. Availability Zones are isolated locations within an AWS Region that have independent power, cooling, and physical security. They are connected through low-latency, high-throughput, and highly redundant networking. By launching EC2 instances in different Availability Zones, users can increase the fault tolerance and availability of their applications. Amazon CloudFront is a contentdelivery network (CDN) service that speeds up the delivery of web content and media to end users by caching it at the edge locations closer to them. It is not a database service and cannot be used to store operational data for EC2 instances. Edge locations are sites that are part of the Amazon CloudFront network and are located in many cities around the world. They are not the same as Availability Zones and do not provide redundancy for EC2 instances. AWS OpsWorks is a configuration management service that allows users to automate the deployment and management of applications using Chef or Puppet. It can be used to create stacks that span multiple AWS Regions, but this would not meet the requirement of sharing the same geographic area.
A
Explanation:
Using EC2 instances across multiple Availability Zones in the same AWS Region is a solution that meets the requirements of sharing the same geographic area but using redundant underlying power sources. Availability Zones are isolated locations within an AWS Region that have independent power, cooling, and physical security. They are connected through low-latency, high-throughput, and highly redundant networking. By launching EC2 instances in different Availability Zones, users can increase the fault tolerance and availability of their applications. Amazon CloudFront is a contentdelivery network (CDN) service that speeds up the delivery of web content and media to end users by caching it at the edge locations closer to them. It is not a database service and cannot be used to store operational data for EC2 instances. Edge locations are sites that are part of the Amazon CloudFront network and are located in many cities around the world. They are not the same as Availability Zones and do not provide redundancy for EC2 instances. AWS OpsWorks is a configuration management service that allows users to automate the deployment and management of applications using Chef or Puppet. It can be used to create stacks that span multiple AWS Regions, but this would not meet the requirement of sharing the same geographic area.
Question #227
A developer who has no AWS Cloud experience wants to use AWS technology to build a web application.
Which AWS service should the developer use to start building the application?
- A . Amazon SageMaker
- B . AWS Lambda
- C . Amazon Lightsail
- D . Amazon Elastic Container Service (Amazon ECS)
Correct Answer: C
C
Explanation:
Amazon Lightsail is an easy-to-use cloud platform that offers everything you need to build an application or website, plus a cost-effective, monthly plan1. It is designed for developers who have little or no prior cloud experience and want to launch and manage applications on AWS with minimal complexity2. Amazon SageMaker is a service for building, training, and deploying machine learning models3. AWS Lambda is a service that lets you run code without provisioning or managing servers4. Amazon Elastic Container Service (Amazon ECS) is a fully managed container orchestration service.
C
Explanation:
Amazon Lightsail is an easy-to-use cloud platform that offers everything you need to build an application or website, plus a cost-effective, monthly plan1. It is designed for developers who have little or no prior cloud experience and want to launch and manage applications on AWS with minimal complexity2. Amazon SageMaker is a service for building, training, and deploying machine learning models3. AWS Lambda is a service that lets you run code without provisioning or managing servers4. Amazon Elastic Container Service (Amazon ECS) is a fully managed container orchestration service.
Question #228
Which AWS service is a key-value database that provides sub-millisecond latency on a large scale?
- A . Amazon DynamoDB
- B . Amazon Aurora
- C . Amazon DocumentDB (with MongoDB compatibility)
- D . Amazon Neptune
Correct Answer: A
A
Explanation:
The correct answer is A because Amazon DynamoDB is a key-value database that provides sub-millisecond latency on a large scale. Amazon DynamoDB is a fully managed, serverless, and scalable NoSQL database service that supports both key-value and document data models. The other options are incorrect because they are not key-value databases. Amazon Aurora is a relational database that is compatible with MySQL and PostgreSQL. Amazon DocumentDB (with MongoDB compatibility) is a document database that is compatible with MongoDB. Amazon Neptune is a graph database that supports property graph and RDF models.
Reference: Amazon DynamoDB FAQs
A
Explanation:
The correct answer is A because Amazon DynamoDB is a key-value database that provides sub-millisecond latency on a large scale. Amazon DynamoDB is a fully managed, serverless, and scalable NoSQL database service that supports both key-value and document data models. The other options are incorrect because they are not key-value databases. Amazon Aurora is a relational database that is compatible with MySQL and PostgreSQL. Amazon DocumentDB (with MongoDB compatibility) is a document database that is compatible with MongoDB. Amazon Neptune is a graph database that supports property graph and RDF models.
Reference: Amazon DynamoDB FAQs
Question #229
Which options are AWS Cloud Adoption Framework (AWS CAF) cloud transformation journey
recommendations? (Select TWO.)
- A . Envision phase
- B . Align phase
- C . Assess phase
- D . Mobilize phase
- E . Migrate and modernize phase
Correct Answer: A,B
A,B
Explanation:
The AWS Cloud Adoption Framework (AWS CAF) cloud transformation journey is a four-phase process that helps customers plan and execute their cloud migration and digital transformation.
The four phases are:
Envision phase: This phase focuses on demonstrating how cloud will help accelerate the business outcomes of the customer. It involves identifying and prioritizing transformation opportunities across four domains: business, people, governance, and platform. It also involves associating the transformation initiatives with key stakeholders and measurable business outcomes1.
Align phase: This phase focuses on identifying capability gaps across six perspectives: business, people, governance, platform, security, and operations. It also involves identifying cross-organizational dependencies and surfacing stakeholder concerns and challenges. The goal of this phase is to create strategies for improving the cloud readiness, ensure stakeholder alignment, and facilitate relevant organizational change management activities1.
Launch phase: This phase focuses on delivering pilot initiatives in production and demonstrating incremental business value. Pilots should be highly impactful and influence future direction. The customer should learn from the pilots and adjust their approach before scaling to full production1.
Scale phase: This phase focuses on expanding production pilots and business value to the desired scale and ensuring that the business benefits associated with the cloud investments are realized and sustained1.
A,B
Explanation:
The AWS Cloud Adoption Framework (AWS CAF) cloud transformation journey is a four-phase process that helps customers plan and execute their cloud migration and digital transformation.
The four phases are:
Envision phase: This phase focuses on demonstrating how cloud will help accelerate the business outcomes of the customer. It involves identifying and prioritizing transformation opportunities across four domains: business, people, governance, and platform. It also involves associating the transformation initiatives with key stakeholders and measurable business outcomes1.
Align phase: This phase focuses on identifying capability gaps across six perspectives: business, people, governance, platform, security, and operations. It also involves identifying cross-organizational dependencies and surfacing stakeholder concerns and challenges. The goal of this phase is to create strategies for improving the cloud readiness, ensure stakeholder alignment, and facilitate relevant organizational change management activities1.
Launch phase: This phase focuses on delivering pilot initiatives in production and demonstrating incremental business value. Pilots should be highly impactful and influence future direction. The customer should learn from the pilots and adjust their approach before scaling to full production1.
Scale phase: This phase focuses on expanding production pilots and business value to the desired scale and ensuring that the business benefits associated with the cloud investments are realized and sustained1.
Question #230
A company wants its Amazon EC2 instances to share the same geographic area but use multiple
independent underlying power sources.
Which solution achieves this goal?
- A . Use EC2 instances in a single Availability Zone.
- B . Use EC2 instances in multiple AWS Regions.
- C . Use EC2 instances in multiple Availability Zones in the same AWS Region.
- D . Use EC2 instances in the same edge location and the same AWS Region.
Correct Answer: C
C
Explanation:
The solution that achieves the goal of having Amazon EC2 instances share the same geographic area but use multiple independent underlying power sources is to use EC2 instances in multiple Availability Zones in the same AWS Region. An Availability Zone is a physically isolated location within an AWS Region that has its own power, cooling, and network connectivity. An AWS Region is a geographical area that consists of two or more Availability Zones. By using multiple Availability Zones, users can increase the fault tolerance and resilience of their applications, as well as reduce latency for end users3. Using EC2 instances in a single Availability Zone, multiple AWS Regions, or the same edge location and the same AWS Region would not meet the requirement of having multiple independent power sources.
C
Explanation:
The solution that achieves the goal of having Amazon EC2 instances share the same geographic area but use multiple independent underlying power sources is to use EC2 instances in multiple Availability Zones in the same AWS Region. An Availability Zone is a physically isolated location within an AWS Region that has its own power, cooling, and network connectivity. An AWS Region is a geographical area that consists of two or more Availability Zones. By using multiple Availability Zones, users can increase the fault tolerance and resilience of their applications, as well as reduce latency for end users3. Using EC2 instances in a single Availability Zone, multiple AWS Regions, or the same edge location and the same AWS Region would not meet the requirement of having multiple independent power sources.