Practice Free CLF-C02 Exam Online Questions
Question #51
A company wants its Amazon EC2 instances to be in different locations but share the same geographic area. The company also wants to use multiple power grids and independent networking connectivity for the EC2 instances.
Which solution meets these requirements?
- A . Use EC2 instances in multiple edge locations in the same AWS Region.
- B . Use EC2 instances in multiple Availability Zones in the same AWS Region.
- C . Use EC2 instances in multiple Amazon Connect locations in the same AWS Region
- D . Use EC2 instances in multiple AWS Artifact locations in the same AWS Region.
Correct Answer: B
B
Explanation:
Using multiple Availability Zones within the same AWS Region meets the requirements for having instances in different locations with independent power and networking. Availability Zones are distinct physical locations within a region, each with separate power sources and networking. Edge locations are used for content delivery, and Amazon Connect and AWS Artifact locations are not relevant to EC2 deployment and infrastructure.
B
Explanation:
Using multiple Availability Zones within the same AWS Region meets the requirements for having instances in different locations with independent power and networking. Availability Zones are distinct physical locations within a region, each with separate power sources and networking. Edge locations are used for content delivery, and Amazon Connect and AWS Artifact locations are not relevant to EC2 deployment and infrastructure.
Question #52
A company needs to perform data processing once a week that typically takes about 5 hours to complete.
Which AWS service should the company use for this workload?
- A . AWS Lambda
- B . Amazon EC2
- C . AWS CodeDeploy
- D . AWS Wavelength
Correct Answer: B
B
Explanation:
Amazon EC2 is the most suitable AWS service for this workload. Amazon EC2 provides secure, resizable compute capacity in the cloud. You can launch virtual servers, called instances, and configure them according to your needs. You can choose from different instance types, sizes, and families, and pay only for the resources you use. Amazon EC2 also offers features such as auto scaling, load balancing, security groups, and placement groups to optimize your performance, availability, and security1. Amazon EC2 is ideal for workloads that require consistent and reliable compute power, such as data processing, web hosting, gaming, and high-performance computing2. The other services are not suitable for this workload. AWS Lambda is a serverless compute service that lets you run code without provisioning or managing servers. You pay only for the compute time you consume. Lambda is best for short-lived, stateless, and event-driven workloads that can becompleted in under 15 minutes3. AWS CodeDeploy is a deployment service that automates application deployments to Amazon EC2 instances, on-premises instances, serverless Lambda functions, or Amazon ECS services. CodeDeploy is not a compute service, but a tool to help you update your applications with minimal downtime4. AWS Wavelength is a service that delivers ultra-low latency applications for 5G devices. Wavelength embeds AWS compute and storage services at the edge of telecommunications providers’ 5G networks. Wavelength is designed for mobile edge computing, such as interactive gaming, video streaming, and augmented reality.
Reference: Amazon EC2, Amazon EC2 Use Cases, AWS Lambda, AWS CodeDeploy, [AWS Wavelength]
B
Explanation:
Amazon EC2 is the most suitable AWS service for this workload. Amazon EC2 provides secure, resizable compute capacity in the cloud. You can launch virtual servers, called instances, and configure them according to your needs. You can choose from different instance types, sizes, and families, and pay only for the resources you use. Amazon EC2 also offers features such as auto scaling, load balancing, security groups, and placement groups to optimize your performance, availability, and security1. Amazon EC2 is ideal for workloads that require consistent and reliable compute power, such as data processing, web hosting, gaming, and high-performance computing2. The other services are not suitable for this workload. AWS Lambda is a serverless compute service that lets you run code without provisioning or managing servers. You pay only for the compute time you consume. Lambda is best for short-lived, stateless, and event-driven workloads that can becompleted in under 15 minutes3. AWS CodeDeploy is a deployment service that automates application deployments to Amazon EC2 instances, on-premises instances, serverless Lambda functions, or Amazon ECS services. CodeDeploy is not a compute service, but a tool to help you update your applications with minimal downtime4. AWS Wavelength is a service that delivers ultra-low latency applications for 5G devices. Wavelength embeds AWS compute and storage services at the edge of telecommunications providers’ 5G networks. Wavelength is designed for mobile edge computing, such as interactive gaming, video streaming, and augmented reality.
Reference: Amazon EC2, Amazon EC2 Use Cases, AWS Lambda, AWS CodeDeploy, [AWS Wavelength]
Question #53
What can a user accomplish using AWS CloudTrail?
- A . Generate an IAM user credentials report.
- B . Record API calls made to AWS services.
- C . Assess the compliance of AWS resource configurations with policies and guidelines.
- D . Ensure that Amazon EC2 instances are patched with the latest security updates. A company uses Amazon Workspaces.
Correct Answer: B
B
Explanation:
AWS CloudTrail is an AWS service that enables users to accomplish the task of recording API calls made to AWS services. AWS CloudTrail is a service that tracks user activity and API usage across the AWS account. AWS CloudTrail records the details of every API call made to AWS services, such as the identity of the caller, the time of the call, the source IP address of the caller, the parameters and responses of the call, and more. Users can use AWS CloudTrail to audit, monitor, and troubleshoot their AWS resources and actions. The other options are incorrect because they are not tasks that users can accomplish using AWS CloudTrail. Generating an IAM user credentials report is a task that users can accomplish using IAM, which is an AWS service that enables users to manage access and permissions to AWS resources and services. Assessing the compliance of AWS resource configurations with policies and guidelines is a task that users can accomplish using AWS Config, which is an AWS service that enables users to assess, audit, and evaluate the configurations of their AWS resources. Ensuring that Amazon EC2 instances are patched with the latest security updates is a task that users can accomplish using AWS Systems Manager, which is an AWS service that enables users to automate operational tasks, manage configuration and compliance, and monitor system health and performance.
Reference: AWS CloudTrail FAQs
B
Explanation:
AWS CloudTrail is an AWS service that enables users to accomplish the task of recording API calls made to AWS services. AWS CloudTrail is a service that tracks user activity and API usage across the AWS account. AWS CloudTrail records the details of every API call made to AWS services, such as the identity of the caller, the time of the call, the source IP address of the caller, the parameters and responses of the call, and more. Users can use AWS CloudTrail to audit, monitor, and troubleshoot their AWS resources and actions. The other options are incorrect because they are not tasks that users can accomplish using AWS CloudTrail. Generating an IAM user credentials report is a task that users can accomplish using IAM, which is an AWS service that enables users to manage access and permissions to AWS resources and services. Assessing the compliance of AWS resource configurations with policies and guidelines is a task that users can accomplish using AWS Config, which is an AWS service that enables users to assess, audit, and evaluate the configurations of their AWS resources. Ensuring that Amazon EC2 instances are patched with the latest security updates is a task that users can accomplish using AWS Systems Manager, which is an AWS service that enables users to automate operational tasks, manage configuration and compliance, and monitor system health and performance.
Reference: AWS CloudTrail FAQs
Question #54
Which AWS service is a continuous delivery and deployment solution?
- A . AWS AppSync
- B . AWS CodePipeline
- C . AWS Cloud9
- D . AWS CodeCommit
Correct Answer: B
B
Explanation:
AWS CodePipeline is a continuous delivery and deployment service that automates the release process of software applications across different stages, such as source code, build, test, and deploy2. AWS AppSync, AWS Cloud9, and AWS Code Commit are other AWS services related to application development, but they do not provide continuous delivery and deployment solutions34.
B
Explanation:
AWS CodePipeline is a continuous delivery and deployment service that automates the release process of software applications across different stages, such as source code, build, test, and deploy2. AWS AppSync, AWS Cloud9, and AWS Code Commit are other AWS services related to application development, but they do not provide continuous delivery and deployment solutions34.
Question #55
A company runs a legacy workload in an on-premises data center. The company wants to migrate the workload to AWS. The company does not want to make any changes to the workload.
Which migration strategy should the company use?
- A . Repurchase
- B . Replatform
- C . Rehost
- D . Refactor
Correct Answer: C
C
Explanation:
The Rehostmigration strategy, often referred to as “lift-and-shift,” involves moving applications to the cloud with minimal or no modifications. This approach is suitable when a company wants to migrate legacy workloads to AWS without altering them. Other strategies, such as Repurchase, Replatform, and Refactor, involve making changes to the application or adopting different services, which is not aligned with the requirement to avoid modifications.
C
Explanation:
The Rehostmigration strategy, often referred to as “lift-and-shift,” involves moving applications to the cloud with minimal or no modifications. This approach is suitable when a company wants to migrate legacy workloads to AWS without altering them. Other strategies, such as Repurchase, Replatform, and Refactor, involve making changes to the application or adopting different services, which is not aligned with the requirement to avoid modifications.
Question #56
Which of the following is an advantage of AWS Cloud computing?
- A . Trade security for elasticity.
- B . Trade operational excellence for agility.
- C . Trade fixed expenses for variable expenses.
- D . Trade elasticity for performance.
Correct Answer: C
C
Explanation:
The correct answer is C because AWS Cloud computing allows customers to trade fixed expenses for variable expenses. This means that customers only pay for the resources they use, and can scale up or down as needed. The other options are incorrect because they are not advantages of AWS Cloud computing. Trade security for elasticity means that customers have to compromise on the protection of their data and applications in order to adjust their capacity quickly. Trade operational excellence for agility means that customers have to sacrifice the quality and reliability of their operations in order to respond to changing needs faster. Trade elasticity for performance means that customers have to limit their ability to scale up or down in order to achieve higher speed and efficiency.
Reference: What is Cloud Computing?
C
Explanation:
The correct answer is C because AWS Cloud computing allows customers to trade fixed expenses for variable expenses. This means that customers only pay for the resources they use, and can scale up or down as needed. The other options are incorrect because they are not advantages of AWS Cloud computing. Trade security for elasticity means that customers have to compromise on the protection of their data and applications in order to adjust their capacity quickly. Trade operational excellence for agility means that customers have to sacrifice the quality and reliability of their operations in order to respond to changing needs faster. Trade elasticity for performance means that customers have to limit their ability to scale up or down in order to achieve higher speed and efficiency.
Reference: What is Cloud Computing?
Question #57
A company wants to create multiple isolated networks in the same AWS account.
Which AWS service or component will provide this functionality?
- A . AWS Transit Gateway
- B . Internet gateway
- C . Amazon VPC
- D . Amazon EC2
Correct Answer: C
C
Explanation:
Amazon Virtual Private Cloud (Amazon VPC) is the AWS service that allows customers to create multiple isolated networks in the same AWS account. A VPC is a logically isolated section of the AWS Cloud where customers can launch AWS resources in a virtual network that they define. Customers can create multiple VPCs within an AWS account, each with its own IP address range, subnets, route tables, security groups, network access control lists, gateways, and other components. AWS Transit Gateway, Internet gateway, and Amazon EC2 are not services or components that provide the functionality of creating multiple isolated networks in the same AWS account. AWS Transit Gateway is a service that enables customers to connect their Amazon VPCs and their on-premises networks to a single gateway. An Internet gateway is a component that enables communication between instances in a VPC and the Internet. Amazon EC2 is a service that provides scalable compute capacity in the cloud34
C
Explanation:
Amazon Virtual Private Cloud (Amazon VPC) is the AWS service that allows customers to create multiple isolated networks in the same AWS account. A VPC is a logically isolated section of the AWS Cloud where customers can launch AWS resources in a virtual network that they define. Customers can create multiple VPCs within an AWS account, each with its own IP address range, subnets, route tables, security groups, network access control lists, gateways, and other components. AWS Transit Gateway, Internet gateway, and Amazon EC2 are not services or components that provide the functionality of creating multiple isolated networks in the same AWS account. AWS Transit Gateway is a service that enables customers to connect their Amazon VPCs and their on-premises networks to a single gateway. An Internet gateway is a component that enables communication between instances in a VPC and the Internet. Amazon EC2 is a service that provides scalable compute capacity in the cloud34
Question #58
Which of the following is entirely the responsibility of AWS, according to the AWS shared responsibility model?
- A . Security awareness and training
- B . Development of an IAM password policy
- C . Patching of the guest operating system
- D . Physical and environmental controls
Correct Answer: D
D
Explanation:
Physical and environmental controls are entirely the responsibility of AWS, according to the AWS shared responsibility model. The AWS shared responsibility model defines the division of responsibilities between AWS and the customer for security and compliance. AWS is responsible for the security of the cloud, which includes the physical and environmental controls of the AWS global infrastructure, such as power, cooling, fire suppression, and physical access. The customer is responsible for the security in the cloud, which includes the configuration and management of the AWS resources and applications. For more information, see [AWS Shared Responsibility Model] and [AWS Cloud Security].
D
Explanation:
Physical and environmental controls are entirely the responsibility of AWS, according to the AWS shared responsibility model. The AWS shared responsibility model defines the division of responsibilities between AWS and the customer for security and compliance. AWS is responsible for the security of the cloud, which includes the physical and environmental controls of the AWS global infrastructure, such as power, cooling, fire suppression, and physical access. The customer is responsible for the security in the cloud, which includes the configuration and management of the AWS resources and applications. For more information, see [AWS Shared Responsibility Model] and [AWS Cloud Security].
Question #59
A company wants to migrate its Microsoft SQL Server database management system from on
premises to the AWS Cloud.
Which AWS service should the company use to reduce management overhead for this environment?
- A . Amazon Elastic Container Service (Amazon ECS)
- B . Amazon SageMaker
- C . Amazon RDS
- D . Amazon Athena
Correct Answer: C
C
Explanation:
Amazon Relational Database Service (Amazon RDS) is the AWS service that the company should use to migrate its Microsoft SQL Server database management system from on premises to the AWS Cloud. Amazon RDS is a fully managed service that provides a scalable, secure, and high-performance relational database platform. Amazon RDS supports several database engines, including Microsoft SQL Server. Amazon RDS reduces the management overhead for the database environment by taking care of tasks such as provisioning, patching, backup, recovery, and monitoring. For more information, see What is Amazon Relational Database Service (Amazon RDS)? and Amazon RDS for SQL Server.
C
Explanation:
Amazon Relational Database Service (Amazon RDS) is the AWS service that the company should use to migrate its Microsoft SQL Server database management system from on premises to the AWS Cloud. Amazon RDS is a fully managed service that provides a scalable, secure, and high-performance relational database platform. Amazon RDS supports several database engines, including Microsoft SQL Server. Amazon RDS reduces the management overhead for the database environment by taking care of tasks such as provisioning, patching, backup, recovery, and monitoring. For more information, see What is Amazon Relational Database Service (Amazon RDS)? and Amazon RDS for SQL Server.
Question #60
Which AWS service is deployed to VPCs and provides protection from common network threats?
- A . AWS Shield
- B . AWSWAF
- C . AWS Network Firewall
- D . AWS Firewall Manager
Correct Answer: C
C
Explanation:
AWS Network Firewall is a managed service that makes it easy to deploy essential network protections for all of your Amazon Virtual Private Clouds (VPCs). The service can be set up with just a few clicks from the AWS console or using APIs. AWS Network Firewall automatically scales with your network traffic, so you don’t have to worry about deploying and managing any infrastructure. AWS Network Firewall provides protection from common network threats such as SQL injection, cross-site scripting, and DDoS attacks1.
C
Explanation:
AWS Network Firewall is a managed service that makes it easy to deploy essential network protections for all of your Amazon Virtual Private Clouds (VPCs). The service can be set up with just a few clicks from the AWS console or using APIs. AWS Network Firewall automatically scales with your network traffic, so you don’t have to worry about deploying and managing any infrastructure. AWS Network Firewall provides protection from common network threats such as SQL injection, cross-site scripting, and DDoS attacks1.