Amazon CLF-C02 Practice Test - Questions Answers, Page 2
List of questions
Question 11
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
An application is running on multiple Amazon EC2 instances. The company wants to make the application highly available by configuring a load balancer with requests forwarded to the EC2 instances based on URL paths.
Which AWS load balancer will meet these requirements and take the LEAST amount of effort to deploy?
Explanation:
The correct answer is B because Application Load Balancer is an AWS load balancer that will meet the requirements and take the least amount of effort to deploy. Application Load Balancer is a type of Elastic Load Balancing that operates at the application layer (layer 7) of the OSI model and routes requests to targets based on the content of the request. Application Load Balancer supports advanced features, such as path-based routing, host-based routing, and HTTP header-based routing.
The other options are incorrect because they are not AWS load balancers that will meet the requirements and take the least amount of effort to deploy. Network Load Balancer is a type of Elastic Load Balancing that operates at the transport layer (layer 4) of the OSI model and routes requests to targets based on the destination IP address and port. Network Load Balancer does not support path-based routing. AWS OpsWorks Load Balancer is not an AWS load balancer, but rather a feature of AWS OpsWorks that enables users to attach an Elastic Load Balancing load balancer to a layer of their stack. Custom Load Balancer on Amazon EC2 is not an AWS load balancer, but rather a user-defined load balancer that runs on an Amazon EC2 instance. Custom Load Balancer on Amazon EC2 requires more effort to deploy and maintain than an AWS load balancer. Reference: Elastic Load Balancing
Question 12
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A large company has a workload that requires hardware to remain on premises. The company wants to use the same management and control plane services that it currently uses on AWS.
Which AWS service should the company use to meet these requirements?
Explanation:
The correct answer is C because AWS Outposts is an AWS service that enables the company to meet the requirements. AWS Outposts is a fully managed service that extends AWS infrastructure, services, APIs, and tools to virtually any datacenter, co-location space, or on-premises facility. AWS Outposts allows customers to run their workloads on the same hardware and software that AWS uses in its cloud, while maintaining local access and control. The other options are incorrect because they are not AWS services that enable the company to meet the requirements. AWS Device Farm is an AWS service that enables customers to test their mobile and web applications on real devices in the AWS Cloud. AWS Fargate is an AWS service that enables customers to run containers without having to manage servers or clusters. AWS Ground Station is an AWS service that enables customers to communicate with satellites and downlink data from orbit. Reference: AWS Outposts FAQs
Question 13
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company needs to use dashboards and charts to analyze insights from business data.
Which AWS service will provide the dashboards and charts for these insights?
Explanation:
The correct answer is C because Amazon QuickSight is an AWS service that will provide the dashboards and charts for the insights from business data. Amazon QuickSight is a fully managed, scalable, and serverless business intelligence service that enables users to create and share interactive dashboards and charts. Amazon QuickSight can connect to various data sources, such as Amazon S3, Amazon RDS, Amazon Redshift, and more. Amazon QuickSight also provides users with machine learning insights, such as anomaly detection, forecasting, and natural language narratives.
The other options are incorrect because they are not AWS services that will provide the dashboards and charts for the insights from business data. Amazon Macie is an AWS service that helps users discover, classify, and protect sensitive data stored in Amazon S3. Amazon Aurora is an AWS service that provides a relational database that is compatible with MySQL and PostgreSQL. AWS CloudTrail is an AWS service that enables users to track user activity and API usage across their AWS account.
Reference: Amazon QuickSight FAQs
Question 14
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
When a user wants to utilize their existing per-socket, per-core, or per-virtual machine software licenses for a Microsoft Windows server running on AWS, which Amazon EC2 instance type is required?
Explanation:
The correct answer is C because Dedicated Hosts are Amazon EC2 instances that are required when a user wants to utilize their existing per-socket, per-core, or per-virtual machine software licenses for a Microsoft Windows server running on AWS. Dedicated Hosts are physical servers that are dedicated to a single customer. Dedicated Hosts allow customers to use their existing server-bound software licenses, such as Windows Server, SQL Server, and SUSE Linux Enterprise Server, subject to their license terms. The other options are incorrect because they are not Amazon EC2 instances that are required when a user wants to utilize their existing per-socket, per-core, or per-virtual machine software licenses for a Microsoft Windows server running on AWS. Spot Instances are spare Amazon EC2 instances that are available at up to 90% discount compared to On-Demand prices. Spot Instances are suitable for stateless, fault-tolerant, and flexible workloads that can recover from interruptions easily. Dedicated Instances are Amazon EC2 instances that run on hardware that is dedicated to a single customer, but not to a specific physical server. Dedicated Instances do not allow customers to use their existing server-bound software licenses. Reserved Instances are Amazon EC2 instances that are reserved for a specific period of time (one or three years) in exchange for a lower hourly rate. Reserved Instances are suitable for steady-state or predictable workloads that run for a long duration. Reserved Instances do not allow customers to use their existing server-bound software licenses. Reference: Dedicated Hosts, Amazon EC2 Instance Purchasing Options
Question 15
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
Which AWS service should a cloud engineer use to view API calls to AWS services?
Explanation:
The correct answer is B because AWS CloudTrail is an AWS service that a cloud engineer can use to view API calls to AWS services. AWS CloudTrail is a service that enables customers to track user activity and API usage across their AWS account. AWS CloudTrail records the details of every API call made to AWS services, such as the identity of the caller, the time of the call, the source IP address of the caller, the parameters and responses of the call, and more. Customers can use AWS CloudTrail to audit, monitor, and troubleshoot their AWS resources and actions. The other options are incorrect because they are not AWS services that a cloud engineer can use to view API calls to AWS services.
Amazon CloudWatch is an AWS service that enables customers to collect, analyze, and visualize metrics, logs, and events from their AWS resources and applications. AWS Config is an AWS service that enables customers to assess, audit, and evaluate the configurations of their AWS resources. AWS Artifact is an AWS service that provides customers with on-demand access to AWS compliance reports and select online agreements. Reference: AWS CloudTrail FAQs
Question 16
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company uses Amazon Workspaces. What can a user accomplish using AWS CloudTrail?
Explanation:
AWS CloudTrail is an AWS service that enables users to accomplish the task of recording API calls made to AWS services. AWS CloudTrail is a service that tracks user activity and API usage across the AWS account. AWS CloudTrail records the details of every API call made to AWS services, such as the identity of the caller, the time of the call, the source IP address of the caller, the parameters and responses of the call, and more. Users can use AWS CloudTrail to audit, monitor, and troubleshoot their AWS resources and actions. The other options are incorrect because they are not tasks that users can accomplish using AWS CloudTrail. Generating an IAM user credentials report is a task that users can accomplish using IAM, which is an AWS service that enables users to manage access and permissions to AWS resources and services. Assessing the compliance of AWS resource configurations with policies and guidelines is a task that users can accomplish using AWS Config, which is an AWS service that enables users to assess, audit, and evaluate the configurations of their AWS resources. Ensuring that Amazon EC2 instances are patched with the latest security updates is a task that users can accomplish using AWS Systems Manager, which is an AWS service that enables users to automate operational tasks, manage configuration and compliance, and monitor system health and performance. Reference: AWS CloudTrail FAQs
Question 17
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company stores data in an Amazon S3 bucket. The company must control who has permission to read, write, or delete objects that the company stores in the S3 bucket. Which task is the responsibility of AWS, according to the AWS shared responsibility model?
Explanation:
The correct answer is B because ensuring the environmental safety and security of the AWS infrastructure that hosts Workspaces is the responsibility of AWS, according to the AWS shared responsibility model. The AWS shared responsibility model is a framework that defines the division of responsibilities between AWS and the customer for security and compliance. AWS is responsible for the security of the cloud, which includes the global infrastructure, such as the regions, availability zones, and edge locations; the hardware, software, networking, and facilities that run the AWS services; and the virtualization layer that separates the customer instances and storage. The customer is responsible for the security in the cloud, which includes the customer data, the guest operating systems, the applications, the identity and access management, the firewall configuration, and the encryption. The other options are incorrect because they are the responsibility of the customer, according to the AWS shared responsibility model. Setting up multi-factor authentication (MFA) for each Workspaces user account, providing security for Workspaces user accounts through AWS Identity and Access Management (IAM), configuring AWS CloudTrail to log API calls and user activity, and encrypting data at rest and in transit are all tasks that the customer has to perform to secure their Workspaces environment. Reference: AWS Shared Responsibility Model, Amazon WorkSpaces Security
Question 18
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
Which database engine is compatible with Amazon RDS?
Explanation:
Amazon RDS supports six database engines: Amazon Aurora, MySQL, MariaDB, PostgreSQL, Oracle, and SQL Server. Apache Cassandra, MongoDB, and Neo4j are not compatible with Amazon RDS. Therefore, the correct answer is D. You can learn more about Amazon RDS and its supported database engines from this page.
Question 19
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company needs to run code in response to an event notification that occurs when objects are uploaded to an Amazon S3 bucket.
Which AWS service will integrate directly with the event notification?
Explanation:
AWS Lambda is a service that lets you run code without provisioning or managing servers. You can use Lambda to process event notifications from Amazon S3 when objects are uploaded or deleted.
Lambda integrates directly with the event notification and invokes your code automatically.
Therefore, the correct answer is A.
Question 20
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company wants to centrally manage security policies and billing services within a multi-account AWS environment. Which AWS service should the company use to meet these requirements?
Explanation:
AWS Organizations is a service that helps you centrally manage and govern your environment as you grow and scale your AWS resources. You can use AWS Organizations to create groups of accounts and apply policies to them. You can also use AWS Organizations to consolidate billing for multiple accounts. Therefore, the correct answer is B. You can learn more about AWS Organizations and its features from this page.
Question