ExamGecko
Search Search Login
Home Home / Amazon / CLF-C02

Amazon CLF-C02 Practice Test - Questions Answers, Page 65

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which AWS service gives users on-demand, sell-service access to AWS compliance control reports?
Which AWS service provides storage-optimized and compute-optimized device configurations?
A company is running a reporting web server application on Amazon EC2 instances. The application runs once every week and once again at the end of the month. The EC2 instances can be shut down when they are not in use. What is the MOST cost-effective billing model for this use case?
A company needs to manage multiple logins across AWS accounts within the same organization in AWS Organizations. Which AWS service should the company use to meet this requirement?
Which design principle aligns with performance efficiency pillar of the AWS Well-Architected Framework?
According to the AWS shared responsibility model, which of the following are AWS responsibilities? (Select TWO.)
Which AWS service can create a private network connection from on premises to the AWS Cloud?
Which AWS service or feature allows users to securely store encrypted credentials and retrieve these credentials when required?
A company purchased Amazon EC2 Standard Reserved Instances (Rls) for a workload in the AWS Cloud. The company needs to move part of the workload to an instance family that does not match the instance family of these Standard RIs. How can the company take advantage of the Standard RIs that it no longer needs?
Which options does AWS make available for customers who want to learn about security in the cloud in an instructor-led setting? (Select TWO.)

Question 641

Report
Export
Collapse

Which AWS service supports user sign-up functionality and authentication to mobile and web applications?

A.
Amazon Cognito
A.
Amazon Cognito
Answers
B.
AWS Config
B.
AWS Config
Answers
C.
Amazon GuardDuty
C.
Amazon GuardDuty
Answers
D.
AWS Systems Manager
D.
AWS Systems Manager
Answers
Suggested answer: A

Explanation:

Amazon Cognito is an AWS service that provides user sign-up, sign-in, and access control to web and mobile applications. It supports authentication for different identity providers, including social identity providers (such as Google, Facebook, and Apple), enterprise identity providers via SAML 2.0, and its own user pools.

Amazon Cognito offers:

User Pools for managing user registration, authentication, and account recovery.

Federated Identities for managing user access from external identity providers.

Why other options are not suitable:

B . AWS Config: A service for tracking resource configuration changes, not related to user authentication.

C . Amazon GuardDuty: A threat detection service, not related to user sign-up or authentication.

D . AWS Systems Manager: A service to manage AWS resources, but it does not provide user authentication.

References:

Amazon Cognito Documentation


Question 642

Report
Export
Collapse

What is the MOST secure way to store passwords on AWS?

A.
Store passwords in an Amazon S3 bucket.
A.
Store passwords in an Amazon S3 bucket.
Answers
B.
Store passwords as AWS CloudFormation parameters
B.
Store passwords as AWS CloudFormation parameters
Answers
C.
Store passwords in AWS Storage Gateway.
C.
Store passwords in AWS Storage Gateway.
Answers
D.
Store passwords in AWS Secrets Manager.
D.
Store passwords in AWS Secrets Manager.
Answers
Suggested answer: D

Explanation:

AWS Secrets Manager is the most secure way to store and manage sensitive information, such as passwords, database credentials, and API keys. Secrets Manager allows you to:

Securely store and rotate secrets.

Automatically manage secret rotation without disrupting applications.

Integrate with AWS services and third-party applications to retrieve secrets securely.

Why other options are not suitable:

A . Store passwords in an Amazon S3 bucket: Although S3 is secure, it is not designed for secret management. It lacks built-in secret rotation and fine-grained access control for sensitive data.

B . Store passwords as AWS CloudFormation parameters: CloudFormation is used for managing infrastructure as code, not for securely storing passwords.

C . Store passwords in AWS Storage Gateway: A service for hybrid storage integration, not suitable for storing secrets or passwords.

References:

AWS Secrets Manager Documentation


Question 643

Report
Export
Collapse

A company plans to migrate its custom marketing application and order-processing application to AWS. The company needs to deploy the applications on different types of instances with various configurations of CPU, memory, storage, and networking capacity.

Which AWS service should the company use to meet these requirements?

A.
AWS Lambda
A.
AWS Lambda
Answers
B.
Amazon Cognito
B.
Amazon Cognito
Answers
C.
Amazon Athena
C.
Amazon Athena
Answers
D.
Amazon EC2
D.
Amazon EC2
Answers
Suggested answer: D

Explanation:

Amazon EC2 (Elastic Compute Cloud) provides scalable computing capacity in the AWS Cloud, allowing customers to run virtual servers (instances) with different configurations of CPU, memory, storage, and networking capacity. This flexibility is ideal for applications that require specific infrastructure configurations, such as custom marketing and order-processing applications.

A . AWS Lambda: Incorrect, as it is a serverless compute service that automatically manages the computing resources needed to run code but does not offer the flexibility of choosing different instance types.

B . Amazon Cognito: Incorrect, as it is used for user authentication and authorization, not for deploying applications.

C . Amazon Athena: Incorrect, as it is an interactive query service for analyzing data in Amazon S3 using standard SQL.

AWS Cloud References:

Amazon EC2


Question 644

Report
Export
Collapse

Which AWS service or feature gives users the ability to connect VPCs and on-premises networks to a central hub?

A.
Virtual private gateway
A.
Virtual private gateway
Answers
B.
AWS Transit Gateway
B.
AWS Transit Gateway
Answers
C.
Internet gateway
C.
Internet gateway
Answers
D.
Customer gateway
D.
Customer gateway
Answers
Suggested answer: B

Explanation:

Explanation:

AWS Transit Gateway is a network transit hub that customers can use to connect their Amazon VPCs and on-premises networks to a central hub. This service simplifies network management and reduces operational overhead by enabling a single gateway for managing multiple network connections. It facilitates seamless integration and routing between VPCs and on-premises networks.

A . Virtual private gateway: Incorrect, as it is used to connect a single VPC to an on-premises network through a VPN connection.

C . Internet gateway: Incorrect, as it provides internet access for instances in a VPC but does not connect multiple networks.

D . Customer gateway: Incorrect, as it represents the on-premises device or software application that connects to AWS, but it does not provide a central hub.

AWS Cloud References:

AWS Transit Gateway


Question 645

Report
Export
Collapse

A company hosts its website on Amazon EC2 instances. The company needs to ensure that the website reaches a global audience and provides minimum latency to users.

Which AWS service should the company use to meet these requirements?

A.
Amazon Route 53
A.
Amazon Route 53
Answers
B.
Amazon CloudFront
B.
Amazon CloudFront
Answers
C.
Elastic Load Balancing
C.
Elastic Load Balancing
Answers
D.
AWS Lambda
D.
AWS Lambda
Answers
Suggested answer: A

Explanation:

Amazon CloudFront is a content delivery network (CDN) that helps deliver your website content globally with low latency by caching copies of your website content at edge locations around the world. This helps ensure that users receive content from the edge location closest to them, thereby reducing latency and improving user experience.

A . Amazon Route 53: Incorrect, as it is a DNS web service that routes users to the appropriate endpoint, but it does not cache content or reduce latency.

C . Elastic Load Balancing: Incorrect, as it distributes incoming application or network traffic across multiple targets, but does not cache content globally.

D . AWS Lambda: Incorrect, as it is a serverless compute service, not intended for content delivery.

AWS Cloud References:

Amazon CloudFront

Question 646

Report
Export
Collapse

A company wants to build graph queries for real-time fraud pattern detection.

Which AWS service will meet this requirement?

A.
Amazon Neptune
A.
Amazon Neptune
Answers
B.
Amazon DynamoDB
B.
Amazon DynamoDB
Answers
C.
Amazon Timestream
C.
Amazon Timestream
Answers
D.
Amazon Forecast
D.
Amazon Forecast
Answers
Suggested answer: A

Explanation:

Amazon Neptune is a fully managed graph database service optimized for storing and querying highly connected data. It supports popular graph models such as Property Graph and W3C's RDF, making it ideal for building graph queries for real-time fraud pattern detection and other applications that require complex relationships and data traversal.

B . Amazon DynamoDB: Incorrect, as it is a NoSQL database service that is not optimized for graph queries.

C . Amazon Timestream: Incorrect, as it is a time-series database service designed for storing and analyzing time-series data, not graph data.

D . Amazon Forecast: Incorrect, as it is a fully managed service that provides time-series forecasting capabilities, not for graph queries.

AWS Cloud References:

Amazon Neptune


Question 647

Report
Export
Collapse

A company wants to use a serverless compute service for an application. Which AWS service will meet this requirement?

A.
AWS Lambda
A.
AWS Lambda
Answers
B.
AWS Cloud Formation
B.
AWS Cloud Formation
Answers
C.
AWS Elastic Beanstalk
C.
AWS Elastic Beanstalk
Answers
D.
Elastic Load Balancing
D.
Elastic Load Balancing
Answers
Suggested answer: A

Question 648

Report
Export
Collapse

A company wants to migrate critical on-premises production systems to Amazon EC2 instances. The production instances will be used for at least 3 years. The company wants a pricing option that will minimize cost.

Which solution will meet these requirements?

A.
On-Demand Instances
A.
On-Demand Instances
Answers
B.
Reserved Instances
B.
Reserved Instances
Answers
C.
Spot Instances
C.
Spot Instances
Answers
D.
AWS Free Tier
D.
AWS Free Tier
Answers
Suggested answer: B

Question 649

Report
Export
Collapse

An independent software vendor wants to deliver and share its custom Amazon Machine images (AMIs) to prospective customers.

Which AWS service will meet these requirements?

A.
AWS Marketplace
A.
AWS Marketplace
Answers
B.
AWS Data Exchange
B.
AWS Data Exchange
Answers
C.
Amazon EC2
C.
Amazon EC2
Answers
D.
AWS Organizations
D.
AWS Organizations
Answers
Suggested answer: A

Question 650

Report
Export
Collapse

A company uses a third-party identity provider (IdP). The company wants to provide its employees with access to AWS accounts and services without requiring another set of login credentials.

Which AWS service will meet this requirement?

A.
AWS Directory Service
A.
AWS Directory Service
Answers
B.
Amazon Cognito
B.
Amazon Cognito
Answers
C.
AWS 1AM Identity Center
C.
AWS 1AM Identity Center
Answers
D.
AWS Resource Access Manager (AWS RAM)
D.
AWS Resource Access Manager (AWS RAM)
Answers
Suggested answer: C
Total 789 questions
Go to page: of 79
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms