Practice Free CLF-C02 Exam Online Questions
Question #71
An administrator observed that multiple AWS resources were deleted yesterday.
Which AWS service will help identify the cause and determine which user deleted the resources?
- A . AWS CtoudTrail
- B . Amazon Inspector
- C . Amazon GuardDuty
- D . AWS Trusted Advisor
Correct Answer: A
A
Explanation:
AWS CloudTrailis a service that enables governance, compliance, and operational and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail logs provide a history of AWS API calls for your account, including those made by the AWS Management Console, AWS SDKs, command-line tools, and other AWS services. In this case, AWS CloudTrail will help the administrator identify which user deleted the resources by reviewing the event history that records details such as which user performed the action, the time of the action, and which resources were affected.
B. Amazon Inspector: Incorrect, as it is a security assessment service that helps identify vulnerabilities and deviations from best practices, not for tracking user activity.
C. Amazon GuardDuty: Incorrect, as it is a threat detection service that monitors malicious activity and unauthorized behavior, not specifically for tracking changes made by users.
D. AWS Trusted Advisor: Incorrect, as it provides best practices and guidance for cost optimization, security, fault tolerance, and performance, not for logging user actions. AWS Cloud
Reference: AWS CloudTrail
A
Explanation:
AWS CloudTrailis a service that enables governance, compliance, and operational and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail logs provide a history of AWS API calls for your account, including those made by the AWS Management Console, AWS SDKs, command-line tools, and other AWS services. In this case, AWS CloudTrail will help the administrator identify which user deleted the resources by reviewing the event history that records details such as which user performed the action, the time of the action, and which resources were affected.
B. Amazon Inspector: Incorrect, as it is a security assessment service that helps identify vulnerabilities and deviations from best practices, not for tracking user activity.
C. Amazon GuardDuty: Incorrect, as it is a threat detection service that monitors malicious activity and unauthorized behavior, not specifically for tracking changes made by users.
D. AWS Trusted Advisor: Incorrect, as it provides best practices and guidance for cost optimization, security, fault tolerance, and performance, not for logging user actions. AWS Cloud
Reference: AWS CloudTrail
Question #72
Which AWS services are serverless? (Select TWO.)
- A . AWS Fargate
- B . Amazon Managed Streaming for Apache Kafka
- C . Amazon EMR
- D . Amazon S3
- E . Amazon EC2
Correct Answer: A,D
A,D
Explanation:
AWS Fargate and Amazon S3 are both serverless services. Fargate allows users to run containers without managing the underlying infrastructure, while S3 provides object storage without the need for provisioning or managing servers. Amazon EC2, Amazon Managed Streaming for Apache Kafka, and Amazon EMR involve server management to varying degrees and are not serverless by nature.
A,D
Explanation:
AWS Fargate and Amazon S3 are both serverless services. Fargate allows users to run containers without managing the underlying infrastructure, while S3 provides object storage without the need for provisioning or managing servers. Amazon EC2, Amazon Managed Streaming for Apache Kafka, and Amazon EMR involve server management to varying degrees and are not serverless by nature.
Question #73
A company’s application has high customer usage during certain times of the day. The company wants to reduce the number of Amazon EC2 instances that run when application usage is low.
Which AWS service or instance purchasing option should the company use to meet this requirement?
- A . EC2 Instance Savings Plans
- B . Spot Instances
- C . Reserved Instances
- D . Amazon EC2 Auto Scaling
Correct Answer: D
D
Explanation:
Amazon EC2 Auto Scaling is an AWS service that can help users reduce the number of Amazon EC2 instances that run when application usage is low. Amazon EC2 Auto Scaling allows users to create scaling policies that automatically adjust the number of EC2 instances based on the demand or a schedule. EC2 Instance Savings Plans, Spot Instances, and Reserved Instances are instance purchasing options that can help users save money on EC2 usage, but they do not automatically scale the number of instances according to the application usage.
D
Explanation:
Amazon EC2 Auto Scaling is an AWS service that can help users reduce the number of Amazon EC2 instances that run when application usage is low. Amazon EC2 Auto Scaling allows users to create scaling policies that automatically adjust the number of EC2 instances based on the demand or a schedule. EC2 Instance Savings Plans, Spot Instances, and Reserved Instances are instance purchasing options that can help users save money on EC2 usage, but they do not automatically scale the number of instances according to the application usage.
Question #74
A company plans to perform a one-time migration of a large dataset with millions of files from its on-premises data center to the AWS Cloud.
Which AWS service should the company use for the migration?
- A . AWS Database Migration Service (AWS DMS)
- B . AWS DataSync
- C . AWS Migration Hub
- D . AWS Application Migration Service
Correct Answer: B
B
Explanation:
AWS DataSync is designed for large-scale data transfers, especially involving large datasets with millions of files from on-premises to AWS. It provides fast and efficient transfer capabilities, and supports a one-time migration. AWS DMS is specific to databases, while Migration Hub is for tracking migrations, and Application Migration Service is for continuous replication rather than one-time file migrations.
B
Explanation:
AWS DataSync is designed for large-scale data transfers, especially involving large datasets with millions of files from on-premises to AWS. It provides fast and efficient transfer capabilities, and supports a one-time migration. AWS DMS is specific to databases, while Migration Hub is for tracking migrations, and Application Migration Service is for continuous replication rather than one-time file migrations.
Question #75
A company wants to integrate its online shopping website with social media login credentials.
Which AWS service can the company use to make this integration?
- A . AWS Directory Service
- B . AWS Identity and Access Management (IAM)
- C . Amazon Cognito
- D . AWS IAM Identity Center (AWS Single Sign-On)
Correct Answer: C
C
Explanation:
Amazon Cognito is a service that enables you to add user sign-up and sign-in features to your web and mobile applications. Amazon Cognito also supports social and enterprise identity federation, which means you can allow your users to sign in with their existing credentials from identity providers such as Google, Facebook, Apple, and Amazon. Amazon Cognito integrates with OpenID Connect (OIDC) and Security Assertion Markup Language (SAML) 2.0 protocols to facilitate the authentication and authorization process. Amazon Cognito also provides advanced security features, such as adaptive authentication, user verification, and multi-factor authentication (MFA).
Reference: Amazon Cognito, What is Amazon Cognito?
C
Explanation:
Amazon Cognito is a service that enables you to add user sign-up and sign-in features to your web and mobile applications. Amazon Cognito also supports social and enterprise identity federation, which means you can allow your users to sign in with their existing credentials from identity providers such as Google, Facebook, Apple, and Amazon. Amazon Cognito integrates with OpenID Connect (OIDC) and Security Assertion Markup Language (SAML) 2.0 protocols to facilitate the authentication and authorization process. Amazon Cognito also provides advanced security features, such as adaptive authentication, user verification, and multi-factor authentication (MFA).
Reference: Amazon Cognito, What is Amazon Cognito?
Question #76
A company is using AWS for all its IT Infrastructure. The company’s developers are allowed to deploy applications on their own. The developers want to deploy their applications without having to provision the infrastructure themselves.
Which AWS service should the developers use to meet these requirements?
- A . AWS Cloud Formation
- B . AWS CodeBuild
- C . AWS Elastic Beanstalk
- D . AWS CodeDeploy
Correct Answer: C
C
Explanation:
AWS Elastic Beanstalkis a fully managed service designed for developers who want to deploy and manage their applications without having to provision and manage the underlying infrastructure themselves. Developers can simply upload their code, and Elastic Beanstalk automatically handles the deployment, including provisioning the necessary resources (such as EC2 instances, load balancers, and auto-scaling).
C
Explanation:
AWS Elastic Beanstalkis a fully managed service designed for developers who want to deploy and manage their applications without having to provision and manage the underlying infrastructure themselves. Developers can simply upload their code, and Elastic Beanstalk automatically handles the deployment, including provisioning the necessary resources (such as EC2 instances, load balancers, and auto-scaling).
Question #77
A manufacturing company has a critical application that runs at a remote site that has a slow internet connection. The company wants to migrate the workload to AWS. The application is sensitive to latency and interruptions in connectivity. The company wants a solution that can host this application with minimum latency.
Which AWS service or feature should the company use to meet these requirements?
- A . Availability Zones
- B . AWS Local Zones
- C . AWS Wavelength
- D . AWS Outposts
Correct Answer: D
D
Explanation:
AWS Outposts is a service that offers fully managed and configurable compute and storage racks built with AWS-designed hardware that allow you to run your workloads on premises and seamlessly connect to AWS services in the cloud. AWS Outposts is ideal for workloads that require low latency, local data processing, or local data storage. With AWS Outposts, you can use the same AWS APIs, tools, and infrastructure across on premises and the cloud to deliver a truly consistent hybrid experience5. Availability Zones are isolated locations within each AWS Region that are engineered to be fault-tolerant and provide high availability. AWS Local Zones are extensions of AWS Regions that are placed closer to large population, industry, and IT centers where no AWS Region exists today. AWS Wavelength is a service that enables developers to build applications that deliver ultra-low latency to mobile devices and users by deploying AWS compute and storage at the edge of the 5G network. None of these services or features can help you host a critical application with minimum latency at a remote site that has a slow internet connection.
D
Explanation:
AWS Outposts is a service that offers fully managed and configurable compute and storage racks built with AWS-designed hardware that allow you to run your workloads on premises and seamlessly connect to AWS services in the cloud. AWS Outposts is ideal for workloads that require low latency, local data processing, or local data storage. With AWS Outposts, you can use the same AWS APIs, tools, and infrastructure across on premises and the cloud to deliver a truly consistent hybrid experience5. Availability Zones are isolated locations within each AWS Region that are engineered to be fault-tolerant and provide high availability. AWS Local Zones are extensions of AWS Regions that are placed closer to large population, industry, and IT centers where no AWS Region exists today. AWS Wavelength is a service that enables developers to build applications that deliver ultra-low latency to mobile devices and users by deploying AWS compute and storage at the edge of the 5G network. None of these services or features can help you host a critical application with minimum latency at a remote site that has a slow internet connection.
Question #78
Which benefits does a company gain when the company moves from on-premises IT architecture to the AWS Cloud? (Select TWO.)
- A . Reduced or eliminated tasks for hardware troubleshooting, capacity planning, and procurement
- B . Elimination of the need for trained IT staff
- C . Automatic security configuration of all applications that are migrated to the cloud
- D . Elimination of the need for disaster recovery planning
- E . Faster deployment of new features and applications
Correct Answer: A,E
A,E
Explanation:
When a company moves from on-premises IT architecture to the AWS Cloud, it gains several benefits:
A,E
Explanation:
When a company moves from on-premises IT architecture to the AWS Cloud, it gains several benefits:
Question #79
A company wants guidance to optimize the cost and performance of its current AWS environment.
Which AWS service or tool should the company use to identify areas for optimization?
- A . Amazon QuickSight
- B . AWS Trusted Advisor
- C . AWS Organizations
- D . AWS Budgets
Correct Answer: B
B
Explanation:
AWS Trusted Advisor is the AWS service or tool that the company should use to identify areas for optimization. According to the AWS Trusted Advisor User Guide, “AWS Trusted Advisor is an online tool that provides you real time guidance to help you provision your resources following AWS best practices. AWS Trusted Advisor checks help optimize your AWS infrastructure, increase security and performance, reduce your overall costs, and monitor service limits.” Amazon QuickSight, AWS Organizations, and AWS Budgets are not designed to provide optimization recommendations for the current AWS environment.
B
Explanation:
AWS Trusted Advisor is the AWS service or tool that the company should use to identify areas for optimization. According to the AWS Trusted Advisor User Guide, “AWS Trusted Advisor is an online tool that provides you real time guidance to help you provision your resources following AWS best practices. AWS Trusted Advisor checks help optimize your AWS infrastructure, increase security and performance, reduce your overall costs, and monitor service limits.” Amazon QuickSight, AWS Organizations, and AWS Budgets are not designed to provide optimization recommendations for the current AWS environment.
Question #80
A company has a single Amazon EC2 instance. The company wants to adopt a highly available architecture.
What can the company do to meet this requirement?
- A . Scale vertically to a larger EC2 instance size.
- B . Scale horizontally across multiple Availability Zones.
- C . Purchase an EC2 Dedicated Instance.
- D . Change the EC2 instance family to a compute optimized instance.
Correct Answer: B
B
Explanation:
Scaling horizontally across multiple Availability Zones is a way to adopt a highly available architecture, as it increases the fault tolerance and resilience of the application. Scaling vertically to a larger EC2 instance size is a way to improve the performance of the application, but it does not improve the availability. Purchasing an EC2 Dedicated Instance is a way to isolate the instance from other AWS customers, but it does not improve the availability. Changing the EC2 instance family to a compute optimized instance is a way to optimize the instance type for the workload, but it does not improve the availability. These concepts are explained in the AWS Well-Architected Framework2.
B
Explanation:
Scaling horizontally across multiple Availability Zones is a way to adopt a highly available architecture, as it increases the fault tolerance and resilience of the application. Scaling vertically to a larger EC2 instance size is a way to improve the performance of the application, but it does not improve the availability. Purchasing an EC2 Dedicated Instance is a way to isolate the instance from other AWS customers, but it does not improve the availability. Changing the EC2 instance family to a compute optimized instance is a way to optimize the instance type for the workload, but it does not improve the availability. These concepts are explained in the AWS Well-Architected Framework2.