AWS Certified Cloud Practitioner CLF-C01 Part 4

AWS Certified Cloud Practitioner Exam Questions Part 4

AWS Certified Cloud Practitioner CLF-C01 Part 4

100% actual AWS Certified Cloud Practitioner CLF-C01 Exam Questions. Highly recommend for your exam preparation.

AWS Certified Cloud Practitioner Exam Questions Part 1
AWS Certified Cloud Practitioner Exam Questions Part 2
AWS Certified Cloud Practitioner Exam Questions Part 3
AWS Certified Cloud Practitioner Exam Questions Part 4

1. Under the AWS shared responsibility model, AWS is responsible for which security-related task?

  • A. Lifecycle management of IAM credentials
  • B. Physical security of global infrastructure
  • C. Encryption of Amazon EBS volumes
  • D. Firewall configuration

2. Which AWS service enables users to consolidate billing across multiple accounts?

  • A. Amazon QuickSight
  • B. AWS Organizations
  • C. AWS Budgets
  • D. Amazon Forecast

3. Under the AWS shared responsibility model, which of the following is an example of security in the AWS Cloud?

  • A. Managing edge locations
  • B. Physical security
  • C. Firewall configuration
  • D. Global infrastructure

4. How can an AWS user with an AWS Basic Support plan obtain technical assistance from AWS?

  • A. AWS Senior Support Engineers
  • B. AWS Technical Account Managers
  • C. AWS Trusted Advisor
  • D. AWS Discussion Forums

5. Which of the following are pillars of the AWS Well-Architected Framework? (Choose two.)

  • A. Multiple Availability Zones
  • B. Performance efficiency
  • C. Security
  • D. Encryption usage
  • E. High availability

6. After selecting an Amazon EC2 Dedicated Host reservation, which pricing option would provide the largest discount?

  • A. No upfront payment
  • B. Hourly on-demand payment
  • C. Partial upfront payment
  • D. All upfront payment

7. What is an advantage of deploying an application across multiple Availability Zones?

  • A. There is a lower risk of service failure if a natural disaster causes a service disruption in a given AWS Region.
  • B. The application will have higher availability because it can withstand a service disruption in one Availability Zone.
  • C. There will be better coverage as Availability Zones are geographically distant and can serve a wider area.
  • D. There will be decreased application latency that will improve the user experience.

8. A Cloud Practitioner is asked how to estimate the cost of using a new application on AWS. What is the MOST appropriate response?

  • A. Inform the user that AWS pricing allows for on-demand pricing.
  • B. Direct the user to the AWS Simple Monthly Calculator for an estimate.
  • C. Use Amazon QuickSight to analyze current spending on-premises.
  • D. Use Amazon AppStream 2.0 for real-time pricing analytics.

9. A company wants to migrate its applications to a VPC on AWS. These applications will need to access on-premises resources.
What combination of actions will enable the company to accomplish this goal? (Choose two.)

  • A. Use the AWS Service Catalog to identify a list of on-premises resources that can be migrated.
  • B. Build a VPN connection between an on-premises device and a virtual private gateway in the new VPC.
  • C. Use Amazon Athena to query data from the on-premises database servers.
  • D. Connect the company’s on-premises data center to AWS using AWS Direct Connect.
  • E. Leverage Amazon CloudFront to restrict access to static web content provided through the company’s on-premises web servers.

10. A web application running on AWS has been spammed with malicious requests from a recurring set of IP addresses. Which AWS service can help secure the application and block the malicious traffic?

  • A. AWS IAM
  • B. Amazon GuardDuty
  • C. Amazon Simple Notification Service (Amazon SNS)
  • D. AWS WAF

11. Treating infrastructure as code in the AWS Cloud allows users to:

  • A. automate migration of on-premises hardware to AWS data centers.
  • B. let a third party automate an audit of the AWS infrastructure.
  • C. turn over application code to AWS so it can run on the AWS infrastructure.
  • D. automate the infrastructure provisioning process.

12. A company requires a dedicated network connection between its on-premises servers and the AWS Cloud. Which AWS service should be used?

  • A. AWS VPN
  • B. AWS Direct Connect
  • C. Amazon API Gateway
  • D. Amazon Connect

13. Which AWS service can be used to query stored datasets directly from Amazon S3 using standard SQL?

  • A. AWS Glue
  • B. AWS Data Pipeline
  • C. Amazon CloudSearch
  • D. Amazon Athena

14. AWS CloudFormation is designed to help the user:

  • A. model and provision resources.
  • B. update application code.
  • C. set up data lakes.
  • D. create reports for billing.

15. A Cloud Practitioner must determine if any security groups in an AWS account have been provisioned to allow unrestricted access for specific ports. What is the SIMPLEST way to do this?

  • A. Review the inbound rules for each security group in the Amazon EC2 management console to check for port 0.0.0.0/0.
  • B. Run AWS Trusted Advisor and review the findings.
  • C. Open the AWS IAM console and check the inbound rule filters for open access.
  • D. In AWS Config, create a custom rule that invokes an AWS Lambda function to review rules for inbound access.

16. What are the benefits of developing and running a new application in the AWS Cloud compared to on-premises? (Choose two.)

  • A. AWS automatically distributes the data globally for higher durability.
  • B. AWS will take care of operating the application.
  • C. AWS makes it easy to architect for high availability.
  • D. AWS can easily accommodate application demand changes.
  • E. AWS takes care application security patching.

17. A user needs an automated security assessment report that will identify unintended network access to Amazon EC2 instances and vulnerabilities on those instances. Which AWS service will provide this assessment report?

  • A. EC2 security groups
  • B. AWS Config
  • C. Amazon Macie
  • D. Amazon Inspector

18. How can a company isolate the costs of production and non-production workloads on AWS?

  • A. Create Identity and Access Management (IAM) roles for production and non-production workloads.
  • B. Use different accounts for production and non-production expenses.
  • C. Use Amazon EC2 for non-production workloads and other services for production workloads.
  • D. Use Amazon CloudWatch to monitor the use of services.

19. Where can users find a catalog of AWS-recognized providers of third-party security solutions?

  • A. AWS Service Catalog
  • B. AWS Marketplace
  • C. AWS Quick Start
  • D. AWS CodeDeploy

20. A Cloud Practitioner needs to store data for 7 years to meet regulatory requirements. Which AWS service will meet this requirement at the LOWEST cost?

  • A. Amazon S3
  • B. AWS Snowball
  • C. Amazon Redshift
  • D. Amazon S3 Glacier

21. What are the immediate benefits of using the AWS Cloud? (Choose two.)

  • A. Increased IT staff.
  • B. Capital expenses are replaced with variable expenses.
  • C. User control of infrastructure.
  • D. Increased agility.
  • E. AWS holds responsibility for security in the cloud.

22. Which security service automatically recognizes and classifies sensitive data or intellectual property on AWS?

  • A. Amazon GuardDuty
  • B. Amazon Macie
  • C. Amazon Inspector
  • D. AWS Shield

23. What is the purpose of AWS Storage Gateway?

  • A. It ensures on-premises data storage is 99.999999999% durable.
  • B. It transports petabytes of data to and from AWS.
  • C. It connects to multiple Amazon EC2 instances.
  • D. It connects on-premises data storage to the AWS Cloud.

24. What should users do if they want to install an application in geographically isolated locations?

  • A. Install the application using multiple internet gateways.
  • B. Deploy the application to an Amazon VPC.
  • C. Deploy the application to multiple AWS Regions.
  • D. Configure the application using multiple NAT gateways.

25. A system in the AWS Cloud is designed to withstand the failure of one or more components. What is this an example of?

  • A. Elasticity
  • B. High Availability
  • C. Scalability
  • D. Agility

26. A Cloud Practitioner needs a consistent and dedicated connection between AWS resources and an on-premises system. Which AWS service can fulfill this requirement?

  • A. AWS Direct Connect
  • B. AWS VPN
  • C. Amazon Connect
  • D. AWS Data Pipeline

27. Within the AWS shared responsibility model, who is responsible for security and compliance?

  • A. The customer is responsible.
  • B. AWS is responsible.
  • C. AWS and the customer share responsibility.
  • D. AWS shares responsibility with the relevant governing body.

28. To use the AWS CLI, users are required to generate:

  • A. a password policy.
  • B. an access/secret key.
  • C. a managed policy.
  • D. an API key.

29. Which AWS service is used to provide encryption for Amazon EBS?

  • A. AWS Certificate Manager
  • B. AWS Systems Manager
  • C. AWS KMS
  • D. AWS Config

30. How does AWS charge for AWS Lambda usage once the free tier has been exceeded? (Choose two.)

  • A. By the time it takes for the Lambda function to execute.
  • B. By the number of versions of a specific Lambda function.
  • C. By the number of requests made for a given Lambda function.
  • D. By the programming language that is used for the Lambda function.
  • E. By the total number of Lambda functions in an AWS account.

31. Which of the following describes the relationships among AWS Regions, Availability Zones, and edge locations? (Choose two.)

  • A. There are more AWS Regions than Availability Zones.
  • B. There are more edge locations than AWS Regions.
  • C. An edge location is an Availability Zone.
  • D. There are more AWS Regions than edge locations.
  • E. There are more Availability Zones than AWS Regions.

32. What does AWS Shield Standard provide?

  • A. WAF rules
  • B. DDoS protection
  • C. Identity and Access Management (IAM) permissions and access to resources
  • D. Data encryption

33. A company wants to build its new application workloads in the AWS Cloud instead of using on-premises resources. What expense can be reduced using the AWS Cloud?

  • A. The cost of writing custom-built Java or Node .js code
  • B. Penetration testing for security
  • C. hardware required to support new applications
  • D. Writing specific test cases for third-party applications.

34. What does AWS Marketplace allow users to do? (Choose two.)

  • A. Sell unused Amazon EC2 Spot Instances.
  • B. Sell solutions to other AWS users.
  • C. Buy third-party software that runs on AWS.
  • D. Purchase AWS security and compliance documents.
  • E. Order AWS Snowball.

35. What does it mean if a user deploys a hybrid cloud architecture on AWS?

  • A. All resources run using on-premises infrastructure.
  • B. Some resources run on-premises and some run in a location center.
  • C. All resources run in the AWS Cloud.
  • D. Some resources run on-premises and some run in the AWS Cloud.

36. Which AWS service allows users to identify the changes made to a resource over time?

  • A. Amazon Inspector
  • B. AWS Config
  • C. AWS Service Catalog
  • D. AWS IAM

37. How can a company reduce its Total Cost of Ownership (TCO) using AWS?

  • A. By minimizing large capital expenditures
  • B. By having no responsibility for third-party license costs
  • C. By having no operational expenditures
  • D. By having AWS manage applications

38. Which activity is a customer responsibility in the AWS Cloud according to the AWS shared responsibility model?

  • A. Ensuring network connectivity from AWS to the internet
  • B. Patching and fixing flaws within the AWS Cloud infrastructure
  • C. Ensuring the physical security of cloud data centers
  • D. Ensuring Amazon EBS volumes are backed up

39. What are the advantages of the AWS Cloud? (Choose two.)

  • A. Fixed rate monthly cost
  • B. No need to guess capacity requirements
  • C. Increased speed to market
  • D. Increased upfront capital expenditure
  • E. Physical access to cloud data centers

40. When comparing the total cost of ownership (TCO) of an on-premises infrastructure to a cloud architecture, what costs should be considered? (Choose two.)

  • A. The credit card processing fees for application transactions in the cloud.
  • B. The cost of purchasing and installing server hardware in the on-premises data.
  • C. The cost of administering the infrastructure, including operating system and software installations, patches, backups, and recovering from failures.
  • D. The costs of third-party penetration testing.
  • E. The advertising costs associated with an ongoing enterprise-wide campaign.

41. Which AWS feature allows a company to take advantage of usage tiers for services across multiple member accounts?

  • A. Service control policies (SCPs)
  • B. Consolidated billing
  • C. All Upfront Reserved Instances
  • D. AWS Cost Explorer

42. What is one of the customer’s responsibilities according to the AWS shared responsibility model?

  • A. Virtualization infrastructure
  • B. Network infrastructure
  • C. Application security
  • D. Physical security of hardware

43. What helps a company provide a lower latency experience to its users globally?

  • A. Using an AWS Region that is central to all users
  • B. Using a second Availability Zone in the AWS Region that is using used
  • C. Enabling caching in the AWS Region that is being used
  • D. Using edge locations to put content closer to all users

44. How can the AWS Cloud increase user workforce productivity after migration from an on-premises data center?

  • A. Users do not have to wait for infrastructure provisioning.
  • B. The AWS Cloud infrastructure is much faster than an on-premises data center infrastructure.
  • C. AWS takes over application configuration management on behalf of users.
  • D. Users do not need to address security and compliance issues.

45. Which AWS service provides a quick and automated way to create and manage AWS accounts?

  • A. AWS QuickSight
  • B. Amazon Lightsail
  • C. AWS Organizations
  • D. Amazon Connect

46. Which Amazon RDS feature can be used to achieve high availability?

  • A. Multiple Availability Zones
  • B. Amazon Reserved Instances
  • C. Provisioned IOPS storage
  • D. Enhanced monitoring

47. Where should users report that AWS resources are being used for malicious purposes?

  • A. AWS Abuse team
  • B. AWS Shield
  • C. AWS Support
  • D. AWS Developer Forums

48. Which AWS service needs to be enabled to track all user account changes within the AWS Management Console?

  • A. AWS CloudTrail
  • B. Amazon Simple Notification Service (Amazon SNS)
  • C. VPC Flow Logs
  • D. AWS CloudHSM

49. What is an AWS Cloud design best practice?

  • A. Tight coupling of components
  • B. Single point of failure
  • C. High availability
  • D. Overprovisioning of resources

50. Which of the following is an example of how moving to the AWS Cloud reduces upfront cost?

  • A. By replacing large variable costs with lower capital investments
  • B. By replacing large capital investments with lower variable costs
  • C. By allowing the provisioning of compute and storage at a fixed level to meet peak demand
  • D. By replacing the repeated scaling of virtual servers with a simpler fixed-scale model

51. When designing a typical three-tier web application, which AWS services and/or features improve availability and reduce the impact failures? (Choose two.)

  • A. AWS Auto Scaling for Amazon EC2 instances
  • B. Amazon VPC subnet ACLs to check the health of a service
  • C. Distributed resources across multiple Availability Zones
  • D. AWS Server Migration Service (AWS SMS) to move Amazon EC2 instances into a different Region
  • E. Distributed resources across multiple AWS points of presence

52. Which cloud design principle aligns with AWS Cloud best practices?

  • A. Create fixed dependencies among application components
  • B. Aggregate services on a single instance
  • C. Deploy applications in a single Availability Zone
  • D. Distribute the compute load across multiple resources

53. Which of the following are recommended practices for managing IAM users? (Choose two.)

  • A. Require IAM users to change their passwords after a specified period of time
  • B. Prevent IAM users from reusing previous passwords
  • C. Recommend that the same password be used on AWS and other sites
  • D. Require IAM users to store their passwords in raw text
  • E. Disable multi-factor authentication (MFA) for IAM users

54. A company is migrating from on-premises data centers to the AWS Cloud and is looking for hands-on help with the project. How can the company get this support? (Choose two.)

  • A. Ask for a quote from the AWS Marketplace team to perform a migration into the company’s AWS account.
  • B. Contact AWS Support and open a case for assistance
  • C. Use AWS Professional Services to provide guidance and to set up an AWS Landing Zone in the company’s AWS account
  • D. Select a partner from the AWS Partner Network (APN) to assist with the migration
  • E. Use Amazon Connect to create a new request for proposal (RFP) for expert assistance in migrating to the AWS Cloud.

55. How does the AWS Enterprise Support Concierge team help users?

  • A. Supporting application development
  • B. Providing architecture guidance
  • C. Answering billing and account inquires
  • D. Answering questions regarding technical support cases

56. An application designed to span multiple Availability Zones is described as:

  • A. being highly available
  • B. having global reach
  • C. using an economy of scale
  • D. having elasticity

57. A new service using AWS must be highly available. Yet, due to regulatory requirements, all of its Amazon EC2 instances must be located in a single geographic area.
According to best practices, to meet these requirements, the EC2 instances must be placed in at least two:

  • A. AWS Regions
  • B. Availability Zones
  • C. subnets
  • D. placement groups

58. Which AWS tool is used to compare the cost of running an application on-premises to running the application in the AWS Cloud?

  • A. AWS Trusted Advisor
  • B. AWS Simple Monthly Calculator
  • C. AWS Total Cost of Ownership (TCO) Calculator
  • D. Cost Explorer

59. A company has multiple AWS accounts within AWS Organizations and wants to apply the Amazon EC2 Reserved Instances benefit to a single account only. Which action should be taken?

  • A. Purchase the Reserved Instances from master payer account and turn off Reserved Instance sharing.
  • B. Enable billing alerts in the AWS Billing and Cost Management console.
  • C. Purchase the Reserved Instances in individual linked accounts and turn off Reserved Instance sharing from the payer level.
  • D. Enable Reserved Instance sharing in the AWS Billing and Cost Management console.

60. Which situation should be reported to the AWS Abuse team?

  • A. In Availability Zone has a service disruption
  • B. An intrusion attempt is made from an AWS IP address
  • C. A user has trouble accessing an Amazon S3 bucket from an AWS IP address
  • D. A user needs to change payment methods due to a compromise

Share this post

Leave a Reply

Your email address will not be published. Required fields are marked *