The actual exam version for the AWS Certified Cloud Practitioner CLF-C02 Exam in 2024. I have just passed this exam and I want to share a very helpful website.
Source: AWS Certified Cloud Practitioner CLF-C02 Exam Part 3
Q121. A company wants to monitor its workload performance. The company wants to ensure that the cloud services are delivered at a level that meets its business needs. Which AWS Cloud Adoption Framework (AWS CAF) perspective will meet these requirements?
A. Business
B. Governance
C. Platform
D. Operations
Q122. Which actions are best practices for an AWS account root user? (Choose two.)
A. Share root user credentials with team members.
B. Create multiple root users for the account, separated by environment.
C. Enable multi-factor authentication (MFA) on the root user.
D. Create an IAM user with administrator privileges for daily administrative tasks, instead of using the root user.
E. Use programmatic access instead of the root user and password.
Q123. Which option is an environment that consists of one or more data centers?
A. Amazon CloudFront
B. Availability Zone
C. VPC
D. AWS Outposts
Q124. A company has an application with robust hardware requirements. The application must be accessed by students who are using lightweight, low-cost laptops. Which AWS service will help the company deploy the application without investing in backend infrastructure or high-end client hardware?
A. Amazon AppStream 2.0
B. AWS AppSync
C. Amazon WorkLink
D. AWS Elastic Beanstalk
Q125. A company has a compute workload that is steady, predictable, and uninterruptible. Which Amazon EC2 instance purchasing options meet these requirements MOST cost-effectively? (Choose two.)
A. On-Demand Instances
B. Reserved Instances
C. Spot Instances
D. Saving Plans
E. Dedicated Hosts
Q126. A company needs to perform data processing once a week that typically takes about 5 hours to complete. Which AWS service should the company use for this workload?
A. AWS Lambda
B. Amazon EC2
C. AWS CodeDeploy
D. AWS Wavelength
Q127. A company is planning its migration to the AWS Cloud. The company is identifying its capability gaps by using the AWS Cloud Adoption Framework (AWS CAF) perspectives. Which phase of the cloud transformation journey includes these identification activities?
A. Envision
B. Align
C. Scale
D. Launch
Q128. A company launched an Amazon EC2 instance with the latest Amazon Linux 2 Amazon Machine Image (AMI). Which actions can a system administrator take to connect to the EC2 instance? (Choose two.)
A. Use Amazon EC2 Instance Connect.
B. Use a Remote Desktop Protocol (RDP) connection.
C. Use AWS Batch.
D. Use AWS Systems Manager Session Manager.
E. Use Amazon Connect.
Q129. Which options are AWS Cloud Adoption Framework (AWS CAF) cloud transformation journey recommendations? (Choose two.)
A. Envision phase
B. Align phase
C. Assess phase
D. Mobilize phase
E. Migrate and modernize phase
Q130. Which options are AWS Cloud Adoption Framework (AWS CAF) security perspective capabilities? (Choose two.)
A. Observability
B. Incident and problem management
C. Incident response
D. Infrastructure protection
E. Availability and continuity
Q131. Which of the following are features of network ACLs as they are used in the AWS Cloud? (Choose two.)
A. They are stateless.
B. They are stateful.
C. They evaluate all rules before allowing traffic.
D. They process rules in order, starting with the lowest numbered rule, when deciding whether to allow traffic.
E. They operate at the instance level.
Q132. Which task can a company perform by using security groups in the AWS Cloud?
A. Allow access to an Amazon EC2 instance through only a specific port.
B. Deny access to malicious IP addresses at a subnet level.
C. Protect data that is cached by Amazon CloudFront.
D. Apply a stateless firewall to an Amazon EC2 instance.
Q133. An external auditor has requested that a company provide a list of all its IAM users, including the status of users’ credentials and access keys. What is the SIMPLEST way to provide this information?
A. Create an IAM user account for the auditor, granting the auditor administrator permissions.
B. Take a screenshot of each user’s page in the AWS Management Console, then provide the screenshots to the auditor.
C. Download the IAM credential report, then provide the report to the auditor.
D. Download the AWS Trusted Advisor report, then provide the report to the auditor.
Q134. Which AWS service allows users to download security and compliance reports about the AWS infrastructure on demand?
A. Amazon GuardDuty
B. AWS Security Hub
C. AWS Artifact
D. AWS Shield
Q135. A company uses Amazon S3 to store records that can contain personally identifiable information (PII). The company wants a solution that can monitor all S3 buckets for PII and immediately alert staff about vulnerabilities. Which AWS service will meet these requirements?
A. Amazon GuardDuty
B. Amazon Detective
C. Amazon Macie
D. AWS Shield
Q136. A company wants to run its workloads in the AWS Cloud effectively, reduce management overhead, and improve processes. Which AWS Well-Architected Framework pillar represents these requirements?
A. Reliability
B. Operational excellence
C. Performance efficiency
D. Cost optimization
Q137. A company is using the AWS Free Tier for several AWS services for an application. What will happen if the Free Tier usage period expires or if the application use exceeds the Free Tier usage limits?
A. The company will be charged the standard pay-as-you-go service rates for the usage that exceeds the Free Tier usage.
B. AWS Support will contact the company to set up standard service charges.
C. The company will be charged for the services it consumed during the Free Tier period, plus additional charges for service consumption after the Free Tier period.
D. The company’s AWS account will be frozen and can be restarted after a payment plan is established.
Q138. Which option is a shared control between AWS and the customer, according to the AWS shared responsibility model?
A. Configuration management
B. Physical and environmental controls
C. Data integrity authentication
D. Identity and access management
Q139. A company that uses AWS needs to transfer 2 TB of data. Which type of transfer of that data would result in no cost for the company?
A. Inbound data transfer from the internet
B. Outbound data transfer to the internet
C. Data transfer between AWS Regions
D. Data transfer between Availability Zones
Q140. A social media company wants to protect its web application from common web exploits such as SQL injections and cross-site scripting. Which AWS service will meet these requirements?
A. Amazon Inspector
B. AWS WAF
C. Amazon GuardDuty
D. Amazon CloudWatch
Q141. Which of the following describes some of the core functionality of Amazon S3?
A. Amazon S3 is a high-performance block storage service that is designed for use with Amazon EC2.
B. Amazon S3 is an object storage service that provides high-level performance, security, scalability, and data availability.
C. Amazon S3 is a fully managed, highly reliable, and scalable file storage system that is accessible over the industry-standard SMB protocol.
D. Amazon S3 is a scalable, fully managed elastic NFS for use with AWS Cloud services and on-premises resources.
Q142. Which action will help increase security in the AWS Cloud?
A. Enable programmatic access for all IAM users.
B. Use IAM users instead of IAM roles to delegate permissions.
C. Rotate access keys on a reoccurring basis.
D. Use inline policies instead of customer managed policies.
Q143. Which AWS service enables users to check for vulnerabilities on Amazon EC2 instances by using predefined assessment templates?
A. AWS WAF
B. AWS Trusted Advisor
C. Amazon Inspector
D. AWS Shield
Q144. What is the customer ALWAYS responsible for managing, according to the AWS shared responsibility model?
A. Software licenses
B. Networking
C. Customer data
D. Encryption keys
Q145. Which AWS service or tool can be used to capture information about inbound and outbound traffic in an Amazon VPC?
A. VPC Flow Logs
B. Amazon Inspector
C. VPC endpoint services
D. NAT gateway
Q146. Which AWS service should users use to learn about AWS service availability and operations?
A. Amazon EventBridge
B. AWS Service Catalog
C. AWS Control Tower
D. AWS Health Dashboard
Q147. A company wants to know more about the benefits offered by cloud computing. The company wants to understand the operational advantage of agility. How does AWS provide agility for users?
A. The ability the ensure high availability by deploying workloads to multiple regions
B. A pay-as-you-go model for many services and resources
C. The ability to transfer infrastructure management to the AWS Cloud
D. The ability to provision and deprovision resources quickly with minimal effort
Q148. Which of the following is an AWS value proposition that describes a user’s ability to scale infrastructure based on demand?
A. Speed of innovation
B. Resource elasticity
C. Decoupled architecture
D. Global deployment
Q149. Which AWS service gives users the ability to build interactive business intelligence dashboards that include machine learning insights?
A. Amazon Athena
B. Amazon Kendra
C. Amazon QuickSight
D. Amazon Redshift
Q150. A company wants to identify Amazon S3 buckets that are shared with another AWS account. Which AWS service or feature will meet these requirements?
A. AWS Lake Formation
B. IAM credential report
C. Amazon CloudWatch
D. IAM Access Analyzer
Q151. A company needs to transfer data between an Amazon S3 bucket and an on-premises application. Who is responsible for the security of this data, according to the AWS shared responsibility model?
A. The company
B. AWS
C. Firewall vendor
D. AWS Marketplace partner
Q152. A company is running a critical workload on an Amazon RDS DB instance. The company needs the DB instance to be highly available with a recovery time of less than 5 minutes. Which solution will meet these requirements?
A. Create a read replica of the DB instance.
B. Create a template of the DB instance by using AWS CloudFormation.
C. Take frequent snapshots of the DB instance. Store the snapshots in Amazon S3.
D. Modify the DB instance to be a Multi-AZ deployment.
Q153. A company acquired another corporation. The company now has two AWS accounts. Which AWS service or tool can the company use to consolidate the billing for these two accounts?
A. AWS Systems Manager
B. AWS Organizations
C. AWS License Manager
D. Cost Explorer
Q154. A company wants to automatically add and remove Amazon EC2 instances. The company wants the EC2 instances to adjust to varying workloads dynamically. Which service or feature will meet these requirements?
A. Amazon DynamoDB
B. Amazon EC2 Spot Instances
C. AWS Snow Family
D. Amazon EC2 Auto Scaling
Q155. Which task is a customer’s responsibility, according to the AWS shared responsibility model?
A. Management of the guest operating systems
B. Maintenance of the configuration of infrastructure devices
C. Management of the host operating systems and virtualization
D. Maintenance of the software that powers Availability Zones
Q156. A company wants to query its server logs to gain insights about its customers’ experiences. Which AWS service will store this data MOST cost-effectively?
A. Amazon Aurora
B. Amazon Elastic File System (Amazon EFS)
C. Amazon Elastic Block Store (Amazon EBS)
D. Amazon S3
Q157. A company is moving an on-premises data center to the AWS Cloud. The company must migrate 50 petabytes of file storage data to AWS with the least possible operational overhead. Which AWS service or resource should the company use to meet these requirements?
A. AWS Snowmobile
B. AWS Snowball Edge
C. AWS Data Exchange
D. AWS Database Migration Service (AWS DMS)
Q158. A systems administrator created a new IAM user for a developer and assigned the user an access key instead of a user name and password. What is the access key used for?
A. To access the AWS account as the AWS account root user
B. To access the AWS account through the AWS Management Console
C. To access the AWS account through a CLI
D. To access all of a company’s AWS accounts
Q159. A company wants its Amazon EC2 instances to operate in a highly available environment, even if there is a natural disaster in a particular geographic area. Which approach will achieve this goal?
A. Use EC2 instances in multiple AWS Regions.
B. Use EC2 instances in multiple Amazon CloudFront locations.
C. Use EC2 instances in multiple edge locations.
D. Use EC2 instances in AWS Local Zones.
Q160. Which option is a customer responsibility under the AWS shared responsibility model?
A. Maintenance of underlying hardware of Amazon EC2 instances
B. Application data security
C. Physical security of data centers
D. Maintenance of VPC components
Q161. Which cloud transformation journey phase of the AWS Cloud Adoption Framework (AWS CAF) focuses on demonstrating how the cloud helps accelerate business outcomes?
A. Scale
B. Envision
C. Align
D. Launch
Q162. A company needs to quickly and securely move files over long distances between its client and an Amazon S3 bucket. Which S3 feature will meet this requirement?
A. S3 Versioning
B. S3 Transfer Acceleration
C. S3ACLs
D. S3 Intelligent-Tiering
Q163. Which AWS Cloud service can send alerts to customers if custom spending thresholds are exceeded?
A. AWS Budgets
B. AWS Cost Explorer
C. AWS Cost Allocation Tags
D. AWS Organizations
Q164. Which AWS services can a company use to achieve a loosely coupled architecture? (Choose two.)
A. Amazon WorkSpaces
B. Amazon Simple Queue Service (Amazon SQS)
C. Amazon Connect
D. AWS Trusted Advisor
E. AWS Step Functions
Q165. Which characteristic of the AWS Cloud helps users eliminate underutilized CPU capacity?
A. Agility
B. Elasticity
C. Reliability
D. Durability
Q166. A company wants to run its workload on Amazon EC2 instances for more than 1 year. This workload will run continuously. Which option offers a discounted hourly rate compared to the hourly rate of On-Demand Instances?
A. AWS Graviton processor
B. Dedicated Hosts
C. EC2 Instance Savings Plans
D. Amazon EC2 Auto Scaling instances
Q167. Which options are AWS Cloud Adoption Framework (AWS CAF) security perspective capabilities? (Choose two.)
A. Observability
B. Incident and problem management
C. Incident response
D. Infrastructure protection
E. Availability and continuity
Q168. Which pricing model will interrupt a running Amazon EC2 instance if capacity becomes temporarily unavailable?
A. On-Demand Instances
B. Standard Reserved Instances
C. Spot Instances
D. Convertible Reserved Instances
Q169. Which task is a responsibility of AWS, according to the AWS shared responsibility model?
A. Enable client-side encryption for objects that are stored in Amazon S3.
B. Configure IAM security policies to comply with the principle of least privilege.
C. Patch the guest operating system on an Amazon EC2 instance.
D. Apply updates to the Nitro Hypervisor.
Q170. A company wants to migrate its on-premises workloads to the AWS Cloud. The company wants to separate workloads for chargeback to different departments. Which AWS services or features will meet these requirements? (Choose two.)
A. Placement groups
B. Consolidated billing
C. Edge locations
D. AWS Config
E. Multiple AWS accounts
Q171. A company has multiple AWS accounts that include compute workloads that cannot be interrupted. The company wants to obtain billing discounts that are based on the company’s use of AWS services. Which AWS feature or purchasing option will meet these requirements?
A. Resource tagging
B. Consolidated billing
C. Pay-as-you-go pricing
D. Spot Instances
Q172. A company wants an automated process to continuously scan its Amazon EC2 instances for software vulnerabilities. Which AWS service will meet these requirements?
A. Amazon GuardDuty
B. Amazon Inspector
C. Amazon Detective
D. Amazon Cognito
Q173. A company needs to track the activity in its AWS accounts, and needs to know when an API call is made against its AWS resources. Which AWS tool or service can be used to meet these requirements?
A. Amazon CloudWatch
B. Amazon Inspector
C. AWS CloudTrail
D. AWS IAM
Q174. A company wants a fully managed Windows file server for its Windows-based applications. Which AWS service will meet this requirement?
A. Amazon FSx
B. Amazon Elastic Kubernetes Service (Amazon EKS)
C. Amazon Elastic Container Service (Amazon ECS)
D. Amazon EMR
Q175. A developer has been hired by a large company and needs AWS credentials. Which are security best practices that should be followed? (Choose two.)
A. Grant the developer access to only the AWS resources needed to perform the job.
B. Share the AWS account root user credentials with the developer.
C. Add the developer to the administrator’s group in AWS IAM.
D. Configure a password policy that ensures the developer’s password cannot be changed.
E. Ensure the account password policy requires a minimum length.
Q176. Which tasks are the customer’s responsibility, according to the AWS shared responsibility model? (Choose two.)
A. Establish the global infrastructure.
B. Perform client-side data encryption.
C. Configure IAM credentials.
D. Secure edge locations.
E. Patch Amazon RDS DB instances.
Q177. A company is running a workload in the AWS Cloud. Which AWS best practice ensures the MOST cost-effective architecture for the workload?
A. Loose coupling
B. Rightsizing
C. Caching
D. Redundancy
Q178. A company wants to automate infrastructure deployment by using infrastructure as code (IaC). The company wants to scale production stacks so the stacks can be deployed in multiple AWS Regions. Which AWS service will meet these requirements?
A. Amazon CloudWatch
B. AWS Config
C. AWS Trusted Advisor
D. AWS CloudFormation
Q179. A company wants to grant users in one AWS account access to resources in another AWS account. The users do not currently have permission to access the resources. Which AWS service will meet this requirement?
A. IAM group
B. IAM role
C. IAM tag
D. IAM Access Analyzer
Q180. How does AWS Cloud computing help businesses reduce costs? (Choose two.)
A. AWS charges the same prices for services in every AWS Region.
B. AWS enables capacity to be adjusted on demand.
C. AWS offers discounts for Amazon EC2 instances that remain idle for more than 1 week.
D. AWS does not charge for data sent from the AWS Cloud to the internet.
E. AWS eliminates many of the costs of building and maintaining on-premises data centers.