Amazon CLF-C02 Practice Test - Questions Answers, Page 13

Amazon GuardDuty is a service that provides intelligent threat detection and continuous monitoring for the AWS environment. It analyzes network and account activity using machine learning and threat intelligence to identify potential security threats, such as unauthorized access, compromised credentials, malicious hosts, and reconnaissance activities. It also generates detailed and actionable findings that can be viewed on the AWS Management Console or sent to other AWS services, such as Amazon CloudWatch Events and AWS Lambda, for further analysis or remediation. Amazon GuardDuty OverviewAWS Certified Cloud Practitioner - aws.amazon.com

AWS Config is a service that enables users to assess, audit, and evaluate the configurations of AWS resources. It continuously monitors and records the configuration changes of the resources and evaluates them against desired configurations and best practices. It also provides a detailed view of the resource configuration history and relationships, as well as compliance reports and notifications.

AWS Config can help users maintain consistent and secure configurations, troubleshoot issues, and simplify compliance auditing. AWS Config OverviewAWS Certified Cloud Practitioner -aws.amazon.com

Pay-as-you-go pricing is an AWS benefit that demonstrates the ability of users to replace upfront fixed expenses with variable expenses. With pay-as-you-go pricing, users only pay for the resources they consume, without any long-term contracts or commitments. This can lower the total cost of ownership and increase the return on investment. Pay-as-you-go pricing also provides flexibility and scalability, as users can adjust their resource usage according to their changing needs and demands. AWS Cloud Value FrameworkAWS Certified Cloud Practitioner - aws.amazon.com

According to the AWS shared responsibility model, AWS is responsible for the security of the cloud, while the user is responsible for the security in the cloud. This means that AWS manages the security and maintenance of the underlying infrastructure, such as the servers, networks, and operating systems, while the user manages the security and configuration of the resources and applications that run on AWS. For AWS Lambda functions, the tasks that are the user's responsibility are:

Establish the IAM permissions that define who can run the Lambda functions. IAM is a service that enables users to manage access and permissions for AWS resources and users. Users can create IAM policies, roles, and users to grant or deny permissions to run Lambda functions, invoke other AWS services, or access AWS resources from Lambda functions. [AWS Lambda Permissions] AWS Certified Cloud Practitioner - aws.amazon.com

Write the code for the Lambda functions to define the application logic. Lambda functions are units of code that can be written in any supported programming language, such as Python, Node.js, Java, or Go. Users can write the code for the Lambda functions using the AWS Management Console, the AWS Command Line Interface (AWS CLI), the AWS SDKs, or any code editor of their choice. Users can also use AWS Lambda Layers to share and manage common code and dependencies across multiple functions. [AWS Lambda Overview] AWS Certified Cloud Practitioner - aws.amazon.com

The services that can be used to deploy applications on AWS are:

AWS Elastic Beanstalk. This is a service that simplifies the deployment and management of web applications on AWS. Users can upload their application code and Elastic Beanstalk automatically handles the provisioning, scaling, load balancing, monitoring, and health checking of the resources needed to run the application. Users can also retain full control and access to the underlying resources and customize their configuration settings. Elastic Beanstalk supports multiple platforms, such as Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker. [AWS Elastic Beanstalk Overview] AWS Certified Cloud Practitioner - aws.amazon.com

AWS OpsWorks. This is a service that provides configuration management and automation for AWS resources. Users can define the application architecture and the configuration of each resource using Chef or Puppet, which are popular open-source automation platforms. OpsWorks then automatically creates and configures the resources according to the user's specifications. OpsWorks also provides features such as auto scaling, monitoring, and integration with other AWS services. OpsWorks has two offerings: OpsWorks for Chef Automate and OpsWorks for Puppet Enterprise. [AWS OpsWorks Overview] AWS Certified Cloud Practitioner - aws.amazon.com

Availability Zones contain multiple data centers. This is a characteristic of the AWS global infrastructure, which consists of AWS Regions, Availability Zones, and edge locations. AWS Regions are geographically isolated areas that contain multiple Availability Zones. Availability Zones are physically separate locations within an AWS Region that are engineered to be isolated from failures and connected by low-latency, high-throughput, and highly redundant networking. Each Availability Zone contains one or more data centers that house the servers and storage devices that run AWS services. Edge locations are sites that are located closer to the end users and provide caching and content delivery services. AWS Global InfrastructureAWS Certified Cloud Practitioner -aws.amazon.com

AWS Health API is available to a company that has an AWS Business Support plan. The AWS Health API provides programmatic access to the AWS Health information that is presented in the AWS Personal Health Dashboard. The AWS Health API can help users get timely and personalized information about events that can affect the availability and performance of their AWS resources, such as scheduled maintenance, network issues, or service disruptions. The AWS Health API can also integrate with other AWS services, such as Amazon CloudWatch Events and AWS Lambda, to enable automated actions and notifications. AWS Health API OverviewAWS Support Plans

Cost optimization is the pillar of the AWS Well-Architected Framework that focuses on the return on investment of moving into the AWS Cloud. Cost optimization means that users can achieve the desired business outcomes at the lowest possible price point, while maintaining high performance and reliability. Cost optimization can be achieved by using various AWS features and best practices, such as pay-as-you-go pricing, right-sizing, elasticity, reserved instances, spot instances, cost allocation tags, cost and usage reports, and AWS Trusted Advisor. [AWS Well-Architected Framework] AWS Certified Cloud Practitioner - aws.amazon.com

AWS WAF is the AWS service or feature that offers HTTP attack protection to users running publicfacing web applications. AWS WAF is a web application firewall that helps users protect their web applications from common web exploits, such as SQL injection, cross-site scripting, and bot attacks.

Users can create custom rules to define the web traffic that they want to allow, block, or count. Users can also use AWS Managed Rules, which are pre-configured rules that are curated and maintained by AWS or AWS Marketplace Sellers. AWS WAF can be integrated with other AWS services, such as Amazon CloudFront, Amazon API Gateway, and Application Load Balancer, to provide comprehensive security for web applications. [AWS WAF Overview] AWS Certified Cloud Practitioner -aws.amazon.com