AWS CLOUD PRACTICIONER CLF-C02

Amazon Aurora is a relational database compatible with MySQL and PostgreSQL. Please select two options that are NOT features of Amazon Aurora. Amazon Aurora is a fully managed service. Amazon Aurora is slower than standard MySQL databases. Amazon Aurora provides replication across 3 AZs. Amazon Aurora features self-healing storage system. Amazon Aurora can auto scale upto 32 TB.

Which of the following is not a method used for disaster recovery deployment?. Multi-Site. Pilot light. Warm standby. Single Site.

Which Amazon S3 storage class would you recommend for data exhibiting an unknown or changing access pattern?. Amazon S3 Standard-Infrequent Access. Amazon S3 Intelligent-Tiering. Amazon S3 Standard. Amazon S3 Glacier.

Could you identify two best practices for designing systems based on cloud technology?. Use as many services as possible. Build Tightly-coupled components. Build loosely-coupled components. Assume everything will fail.

What steps must a customer take to receive notifications from AWS Trusted Advisor?. No action is required, all Notifications are sent automatically on a weekly basis. Open a ticket with AWS Support. Set up Notification in Dashboard. Set up Amazon Simple Notification Service.

For a live online game using DynamoDB service in the backend to store real-time scores of global participants, which data consistency model would be the most suitable to apply?. Optimistic consistency. Strongly consistent. Eventually consistent. Strong Eventual consistency.

Where can an administrator find information to verify if the Amazon CloudFront identity is making API access calls to an S3 bucket that hosts a static website?. In AWS CloudTrail Event history, look up access calls and filter for the Amazon CloudFront identity. Configuring Amazon Athena to run queries on the Amazon CloudFront distribution. Check AWS CloudWatch logs on the S3 bucket. In the webserver, tail for identity access logs from the Amazon CloudFront identity.

In the AWS Cloud Adoption Framework (CAF), which of the following accurately depicts the four viewpoints that shape the framework's advice and their corresponding categories?. Strategy, Implementation, Monitoring, Optimization. Technology, Security, Scalability, Compliance. Business, People, Platform, Security. Architecture, Deployment, Performance, Governance.

Which of the following does not constitute a pillar of the AWS Well-Architected Framework?. Performance Efficiency. Automation. Cost Optimization. Reliability.

If you have an application that is mission-critical and needs to be globally accessible at all times, which deployment method would you choose to use?. Deployment to multiple Regions. Deployment to multiple edge locations. Deployment to multiple Availability Zones. Deployment to multiple Data Centers.

From the options provided below, which one serves as an optional security layer that can be attached to a subnet within a VPC to control traffic in and out of the VPC?. Network ACL. VPC Flow Logs. Web Application Firewall. Security Group.

When an administrator gets an alert and comprehensive report about credit card information mistakenly uploaded by a user into one of the S3 buckets during an online survey questionnaire, which AWS service is responsible for this detection and report?. Amazon Macie. Amazon Inspector. Amazon EventBridge. Amazon Detective.

When an administrator is assigned to set up privileges for new department members, selectively granting privileges and ensuring that not all team members have access to all resources, which principle is the administrator adhering to?. Principle of least privilege. Principle of privileged users. Least privilege of group principle. Best practices of permission advisory.

From the options provided below, which one accurately describes the features and capabilities that AWS Network Firewall offers for enhancing network security in an Amazon Web Services (AWS) environment?. AWS Network Firewall is a managed, stateless firewall for securing your Amazon VPC. AWS Network Firewall offers load balancing and auto-scaling for applications within Amazon VPCs. AWS Network Firewall provides protection against Distributed Denial of Service (DDoS) attacks. AWS Network Firewall is a managed, stateful firewall for securing your Amazon VPC.

Which of the following can be set up to improve security at the subnet level?. Security Group. Virtual Private Cloud (VPC). Configure transitive VPC peering. NACL (Network Access Control List).

In a scenario where a developer needs to enable an application on an EC2 instance to perform certain actions and requires granting access to the application for some AWS resources, the developer intends to supply his credentials to the instance. However, considering the developer's credentials are long-term, the developer is seeking an alternative to minimize the security risk. What could the developer do in this situation to temporarily allow applications on EC2 to access the necessary AWS resources?. There is no alternate way. A developer needs to give his credentials and revoke access when the required action is done. Use IAM Roles. Use IAM Group. Use IAM Tags.

Your company is preparing to launch a large e-commerce application on the AWS Cloud and is particularly concerned about Internet attacks like DDoS attacks, which two of the following services could be beneficial in addressing this concern?. AWS Config. Amazon CloudFront. AWS Shield. Amazon EC2.

From the options provided below, which service would be the most suitable for importing third-party SSL/TLS certificates that can be used to deploy on Amazon Elastic Load Balancer?. AWS Systems Manager Parameter Store. AWS Artifacts. AWS Secrets Manager. AWS Certificate Manager.

For downloading AWS' security and compliance documents, which AWS service from the options provided would be the most suitable to fulfill this requirement?. AWS Artifact. AWS Well-Architected Tool. AWS Audit Manager. AWS Trusted Advisor.

For a startup company engaged in social media app development that wishes to provide temporary access to its Lambda functions on AWS to freelance developers who will be logging in through Facebook authentication, which service would be the most suitable for ensuring secure access?. Use a third-party Web ID, federated access provider. Create user credentials using Identity Access Management (IAM). Use Amazon Cognito for web-identity federation. Use Access keys to provide temporary access.

When a new department has been added to the organization and the administrator is tasked with setting up access permissions for a group of users with diverse roles and access requirements, what is the recommended strategy for granting access?. Users should have no access and be granted temporary access on the occasions that they need to execute a task. After gathering information on their access needs, the administrator should allow every user to access the most common resources and privileges on the system. The administrator should grant all users the same permissions and then grant more upon request. The administrator should grant all users the least privilege and add more privileges to only to those who need it.

What AWS services are available for retrieving configuration changes that have led to operational problems with AWS resources?. AWS Config. Amazon Inspector. AWS CloudFormation. AWS Trusted Advisor.

From the options provided, which two accurately describe the features of Amazon S3?. Objects are directly accessible via a URL. S3 allows you to store objects of virtually unlimited size. S3 allows you to store virtually unlimited amounts of data. S3 should be used to host a relational database.

As an AWS Architect hired by a company, you are tasked with hosting an application using EC2 Instances. The infrastructure should be capable of scaling on demand and maintaining fault tolerance. Which two elements would you incorporate into your design from the options provided?. Amazon CloudWatch. AWS Auto Scaling. Amazon GuardDuty. Elastic Load Balancing.

For a software development team that needs to automate the process of compiling code, packaging it, creating a Docker image, and running unit tests for the developed code, which AWS service from the options provided would be the most suitable to assist them in achieving this?. All of the above. AWS CodeBuild. AWS CodeDeploy. AWS CodeCommit.

From the options given, which two statements accurately reflect the security and access management aspects of Amazon S3?. Server-side and client-side encryptions are supported by S3 for data uploads. Self-created S3 resources are only accessible to the user by default. Access Control Lists (ACLs) could be used to grant time bound access using temporary URLs. By default S3 buckets are private, however, objects are public. The object owner needs to change the permissions upon creation of objects to make the objects private. Amazon Macie can protect data in Amazon EC2.

The e-commerce web application being developed on an EC2 instance is currently facing performance issues during browsing and searching activities when multiple heavy load use-cases are being executed simultaneously. The application monitoring tools have identified a bottleneck in the web tier. In order to address this issue, a decision has been made to refactor the application code by separating the web tier components from the resource-intensive tasks related to processing orders. Which AWS service would be suitable to facilitate this modification?. Amazon Kinesis Streams. AWS Auto Scaling. AWS Elastic Load Balancing. Amazon SQS.

You have been assigned the responsibility of constructing and implementing a machine-learning model to forecast customer preferences for an e-commerce platform. What AWS service offers comprehensive machine learning capabilities?. Amazon Kendra. Amazon SageMaker. Amazon Lex. Amazon Polly.

What settings can be configured to give priority to the evaluation of critical job queues over other job queues linked to the same compute resource?. Set higher priority in the priority parameter of a job queue. Set higher priority in the priority parameter of a job definition. Set lower priority in the priority parameter of a job definition. Set lower priority in the priority parameter of a job queue.

For a customer in Tokyo who needs to transfer files (totaling 1TB) to his S3 bucket in us-east-1, which AWS offering from the options provided would be the most suitable to facilitate this in a secure, fast, and easy manner?. AWS Snowball family. AWS Global accelerator. AWS Edge Locations. AWS S3 transfer acceleration.

If there's a need to store objects that must be downloadable via a URL, which storage option would be the most appropriate choice?. Amazon EBS. Amazon S3. Amazon Glacier. Amazon Storage Gateway.

For an international sports governing body's website that aims to deliver content in the local language of viewers from various parts of the world, which service would offer location-based web personalization using geolocation headers from the options given below?. Amazon Route 53. Amazon CloudFront. Amazon EC2 Instance. Amazon Lightsail.

Mayank is in the process of creating a web application that necessitates real-time updates and interactions. He is considering utilizing AWS services to manage the backend logic, database, and authentication seamlessly. What would be the most suitable choice for meeting Mayank's needs?. AWS AppSync. AWS Device Farm. AWS Amplify. AWS IoT Core.

Out of the following statements pertaining to AWS AppSync, which two are not accurate?. APIs built with AppSync need to use third-party libraries like OpenTelemetry for observability. AWS AppSync is used to aggregate data from multiple REST APIs / multiple AWS backend data sources(DynamoDB, Aurora, OpenSearch, etc.) in a single API call. AWS AppSync is a managed GraphQL service. AWS AppSync does not support a strongly typed schema. With AWS AppSync, I can fetch only the required data improving the performance of my application.

If you have a web application hosted on an EC2 Instance that requires the ability to send notifications based on events, which of the provided AWS services would be the most suitable to assist in sending these notifications?. AWS EC2. AWS SES. AWS SNS. AWS SQS.

When considering a transition to the AWS Cloud for your company and focusing on Amazon EC2 from a cost perspective, what would be a benefit?. The ability to only pay for what you use. The ability to choose low cost AMI's to prepare the EC2 Instances. Having the ability of automated backups of the EC2 instance, so that you don't need to worry about the maintenance costs. Ability to tag instances to reduce the overall cost.

Which statement about consolidated billing is not accurate?. Consolidated billing is offered free of cost. A Master account cannot incur usage charges. Pricing models are applied across Member accounts irrespective of a specific resource that the accounts may have. I can use IAM policies from Master Account to control access to budgets created by Member Accounts.

What is the accurate statement regarding Spot Price in the context of a Spot Instance?. Spot Price is static and changes every 6 hours. Spot Price varies based upon demand. Spot Price is static & changes every 24 hours. Spot Price is always less than Spot Instance request.

What tool is available for predicting your AWS expenditure?. AWS Cost Explorer. AWS Organizations. Amazon S3. AWS Trusted Advisor.

Which two factors contribute to the cost of using AWS S3 storage when storing a large amount of data such as images and documents?. While uploading data to an S3 bucket. Lifecycle transition requests. Outbound data transfer from S3 in US-West to an EC2 instance in US-West. Outbound data transfer from S3 in US-East to an EC2 instance in US-West. Outbound data transfer to Amazon CloudFront.