ExamGecko
Home / Amazon / CLF-C02 / List of questions
Ask Question

Amazon CLF-C02 Practice Test - Questions Answers, Page 33

List of questions

Question 321

Report
Export
Collapse

A company is running its application in the AWS Cloud. The company wants to periodically review its AWS account for cost optimization opportunities.

Which AWS service or tool can the company use to meet these requirements?

AWS Cost Explorer
AWS Cost Explorer
AWS Trusted Advisor
AWS Trusted Advisor
Most voted
(1)
Most voted
AWS Pricing Calculator
AWS Pricing Calculator
AWS Budgets
AWS Budgets
Suggested answer: A

Explanation:

AWS Cost Explorer is an AWS service or tool that the company can use to periodically review its AWS account for cost optimization opportunities. AWS Cost Explorer is a tool that enables the company to visualize, understand, and manage their AWS costs and usage over time. The company can use AWS Cost Explorer to access interactive graphs and tables that show the breakdown of their costs and usage by service, region, account, tag, and more. The company can also use AWS Cost Explorer to forecast their future costs, identify trends and anomalies, and discover potential savings by using Reserved Instances or Savings Plans.

asked 16/09/2024
Gennaro Migliaccio
33 questions

Question 322

Report
Export
Collapse

A developer who has no AWS Cloud experience wants to use AWS technology to build a web application.

Which AWS service should the developer use to start building the application?

Amazon SageMaker
Amazon SageMaker
AWS Lambda
AWS Lambda
Amazon Lightsail
Amazon Lightsail
Amazon Elastic Container Service (Amazon ECS)
Amazon Elastic Container Service (Amazon ECS)
Suggested answer: C

Explanation:

Amazon Lightsail is an easy-to-use cloud platform that offers everything you need to build an application or website, plus a cost-effective, monthly plan1. It is designed for developers who have little or no prior cloud experience and want to launch and manage applications on AWS with minimal complexity2. Amazon SageMaker is a service for building, training, and deploying machine learning models3. AWS Lambda is a service that lets you run code without provisioning or managing servers4.

Amazon Elastic Container Service (Amazon ECS) is a fully managed container orchestration service.

asked 16/09/2024
ahmed bin shehab
45 questions

Question 323

Report
Export
Collapse

A company wants to monitor for misconfigured security groups that are allowing unrestricted access to specific ports.

Which AWS service will meet this requirement?

AWS Trusted Advisor
AWS Trusted Advisor
Amazon CloudWatch
Amazon CloudWatch
Amazon GuardDuty
Amazon GuardDuty
AWS Health Dashboard
AWS Health Dashboard
Suggested answer: A

Explanation:

AWS Trusted Advisor is an online tool that provides you real time guidance to help you provision your resources following AWS best practices, including security and performance. It can help you monitor for misconfigured security groups that are allowing unrestricted access to specific ports. Amazon CloudWatch is a service that monitors your AWS resources and the applications you run on AWS.

Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior. AWS Health Dashboard provides relevant and timely information to help you manage events in progress, and provides proactive notification to help you plan for scheduled activities.

asked 16/09/2024
Phanel Xavier
46 questions

Question 324

Report
Export
Collapse

An IT engineer needs to access AWS services from an on-premises application.

Which credentials or keys does the application need for authentication?

AWS account user name and password
AWS account user name and password
1AM access key and secret
1AM access key and secret
Amazon EC2 key pairs
Amazon EC2 key pairs
AWS Key Management Service (AWS KMS) keys
AWS Key Management Service (AWS KMS) keys
Suggested answer: B

Explanation:

IAM access keys are long-term credentials that consist of an access key ID and a secret access key.

You use access keys to sign programmatic requests that you make to AWS. If you need to access AWS services from an on-premises application, you can use IAM access keys to authenticate your requests. AWS account user name and password are used to sign in to the AWS Management Console. Amazon EC2 key pairs are used to connect to your EC2 instances using SSH. AWS Key Management Service (AWS KMS) keys are used to encrypt and decrypt your data using the AWS Encryption SDK or the AWS CLI.

asked 16/09/2024
Grant Taylor
58 questions

Question 325

Report
Export
Collapse

A company simulates workflows to review and validate that all processes are effective and that staff are familiar with the processes.

Which design principle of the AWS Well-Architected Framework is the company following with this practice?

Perform operations as code.
Perform operations as code.
Refine operation procedures frequently.
Refine operation procedures frequently.
Make frequent, small, reversible changes.
Make frequent, small, reversible changes.
Structure the company to support business outcomes.
Structure the company to support business outcomes.
Suggested answer: B

Explanation:

Refining operation procedures frequently is one of the design principles of the operational excellence pillar of the AWS Well-Architected Framework. It means that you should review and validate your processes regularly to ensure they are effective and that staff are familiar with them. Performing operations as code, making frequent, small, reversible changes, and structuring the company to support business outcomes are design principles of other pillars of the AWS Well-Architected Framework.

asked 16/09/2024
G C
48 questions

Question 326

Report
Export
Collapse

A company wants to launch its web application in a second AWS Region. The company needs to determine which services must be regionally configured for this launch.

Which AWS services can be configured at the Region level? (Select TWO.)

Amazon EC2
Amazon EC2
Most voted
(1)
Most voted
Amazon Route 53
Amazon Route 53
Amazon CloudFront
Amazon CloudFront
AWS WAF
AWS WAF
Amazon DynamoDB
Amazon DynamoDB
Most voted
(1)
Most voted
Suggested answer: B, D

Explanation:

Amazon Route 53 and AWS WAF are AWS services that can be configured at the Region level.

Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service that lets you register domain names, route traffic to resources, and check the health of your resources. AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources. Amazon EC2, Amazon CloudFront, and Amazon DynamoDB are AWS services that can be configured at the global level or the Availability Zone level .

asked 16/09/2024
Zulkarnain Hashim
39 questions

Question 327

Report
Export
Collapse

A company needs to identify who accessed an AWS service and what action was performed for a given time period.

Which AWS service should the company use to meet this requirement?

Amazon CloudWatch
Amazon CloudWatch
AWS CloudTrail
AWS CloudTrail
AWS Security Hub
AWS Security Hub
Amazon Inspector
Amazon Inspector
Suggested answer: B

Explanation:

AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. You can use CloudTrail to identify who accessed an AWS service and what action was performed for a given time period. Amazon CloudWatch, AWS Security Hub, and Amazon Inspector are AWS services that provide different types of monitoring and security capabilities.

asked 16/09/2024
Ravindra MG
27 questions

Question 328

Report
Export
Collapse

A company is running its application in the AWS Cloud and wants to protect against a DDoS attack.

The company's security team wants near real-time visibility into DDoS attacks.

Which AWS service or traffic filter will meet these requirements with the MOST features for DDoS protection?

AWS Shield Advanced
AWS Shield Advanced
AWS Shield
AWS Shield
Amazon GuardDuty
Amazon GuardDuty
Network ACLs
Network ACLs
Suggested answer: A

Explanation:

AWS Shield Advanced is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS. AWS Shield Advanced provides you with 24x7 access to the AWS DDoS Response Team (DRT) and protection against DDoS attacks of any size or duration. AWS Shield Advanced also provides near real-time visibility into attacks, advanced attack mitigation capabilities, and integration with AWS WAF and AWS Firewall Manager1. AWS Shield is a standard service that provides always-on detection and automatic inline mitigations to minimize application downtime and latency, but it does not offer the same level of features and support as AWS Shield Advanced2. Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior, but it does not provide DDoS protection3. Network ACLs are stateless filters that can be associated with a subnet to control the traffic to and from the subnet, but they are not designed to protect against DDoS attacks

asked 16/09/2024
Leandro Ruwer
46 questions

Question 329

Report
Export
Collapse

A company is planning to migrate its application to the AWS Cloud.

Which AWS tool or set of resources should the company use to analyze and asses its readiness for migration?

AWS Cloud Adoption Framework (AWS CAF)
AWS Cloud Adoption Framework (AWS CAF)
AWS Pricing Calculator
AWS Pricing Calculator
AWS Well-Architected Framework
AWS Well-Architected Framework
AWS Budgets
AWS Budgets
Suggested answer: A

Explanation:

AWS Cloud Adoption Framework (AWS CAF) is a tool that helps organizations understand how cloud adoption transforms the way they work, and it provides structure to identify and address gaps in skills and processes. Applying the AWS CAF in your organization results in an actionable plan that helps you prepare the cloud environment, enable your staff with new skills, and migrate your applications. AWS Pricing Calculator is a tool that helps you estimate the cost of AWS services for your use cases and compare the cost of different AWS service configurations. AWS Well-Architected Framework is a tool that helps you review and improve your cloud-based architectures and better understand the business impact of your design decisions. AWS Budgets is a tool that helps you plan your service usage, service costs, and instance reservations, and track how close your plan is to your budgeted amount.

asked 16/09/2024
Marinus Johannes Klomp
40 questions

Question 330

Report
Export
Collapse

Which task must a user perform by using the AWS account root user credentials?

Make changes to AWS production resources.
Make changes to AWS production resources.
Change AWS Support plans.
Change AWS Support plans.
Access AWS Cost and Usage Reports.
Access AWS Cost and Usage Reports.
Grant auditors' access to an AWS account for a compliance audit.
Grant auditors' access to an AWS account for a compliance audit.
Suggested answer: B

Explanation:

Changing AWS Support plans is a task that must be performed by using the AWS account root user credentials. The root user is the email address that you used to sign up for AWS. It has complete access to all AWS services and resources in the account. You should use the root user only to perform a few account and service management tasks, such as changing AWS Support plans, closing the account, or changing the account name or email address. Making changes to AWS production resources, accessing AWS Cost and Usage Reports, and granting auditors access to an AWS account for a compliance audit are tasks that can be performed by using IAM users or roles, which are entities that you create in AWS to delegate permissions to access AWS services and resources.

asked 16/09/2024
Aboudou-Razakou KONI
34 questions
Total 798 questions
Go to page: of 80
Search

Related questions