Last Updated on August 28, 2021 by Admin 3

CLF-C01 : AWS Certified Cloud Practitioner : Part 22

  1. Which tool can be used to monitor AWS service limits?

    • AWS Total Cost of Ownership (TCO) Calculator
    • AWS Trusted Advisor
    • AWS Personal Health Dashboard
    • AWS Cost and Usage report
  2. A company has distributed its workload on both the AWS Cloud and some on-premises servers.

    What type of architecture is this?

    • Virtual private network
    • Virtual private cloud
    • Hybrid cloud
    • Private cloud
  3. Which of the following describes a security best practice that can be implemented using AWS IAM?

    • Disable AWS Management Console access for all users
    • Generate secret keys for every IAM user
    • Grant permissions to users who are required to perform a given task only
    • Store AWS credentials within Amazon EC2 instances
  4. What can be used to automate and manage secure, well-architected, multi-account AWS environments?

    • AWS shared responsibility model
    • AWS Control Tower
    • AWS Security Hub
    • AWS Well-Architected Tool
  5. Which AWS service or feature allows a user to easily scale connectivity among thousands of VPCs?

    • VPC peering
    • AWS Transit Gateway
    • AWS Direct Connect
    • AWS Global Accelerator
  6. A company needs protection from expanded distributed denial of service (DDoS) attacks on its website and assistance from AWS experts during such events.

    Which AWS managed service will meet these requirements?

    • AWS Shield Advanced
    • AWS Firewall Manager
    • AWS WAF
    • Amazon GuardDuty
  7. A company’s application has flexible start and end times.

    Which Amazon EC2 pricing model will be the MOST cost-effective?

    • On-Demand Instances
    • Spot Instances
    • Reserved Instances
    • Dedicated Hosts
  8. Under the AWS shared responsibility model, what are the customer’s responsibilities? (Choose two.)

    • Physical and environmental security
    • Physical network devices including firewalls
    • Storage device decommissioning
    • Security of data in transit
    • Data integrity authentication
  9. A cloud practitioner has a data analysis workload that is infrequently executed and can be interrupted without harm.

    To optimize for cost, which Amazon EC2 purchasing option should be used?

    • On-Demand Instances
    • Reserved Instances
    • Spot Instances
    • Dedicated Hosts
  10. Which AWS container service will help a user install, operate, and scale the cluster management infrastructure?

    • Amazon Elastic Container Registry (Amazon ECR)
    • AWS Elastic Beanstalk
    • Amazon Elastic Container Service (Amazon ECS)
    • Amazon Elastic Block Store (Amazon EBS)
  11. Which of the following allows an application running on an Amazon EC2 instance to securely write data to an Amazon S3 bucket without using long term credentials?

    • Amazon Cognito
    • AWS Shield
    • AWS IAM role
    • AWS IAM user access key
  12. A company with a Developer-level AWS Support plan provisioned an Amazon RDS database and cannot connect to it.

    Who should the developer contact for this level of support?

    • AWS Support using a support case
    • AWS Professional Services
    • AWS technical account manager
    • AWS consulting partners
  13. What is the purpose of having an internet gateway within a VPC?

    • To create a VPN connection to the VPC
    • To allow communication between the VPC and the Internet
    • To impose bandwidth constraints on internet traffic
    • To load balance traffic from the Internet across Amazon EC2 instances
  14. A company must ensure that its endpoint for a database instance remains the same after a single Availability Zone service interruption. The application needs to resume database operations without the need for manual administrative intervention.

    How can these requirements be met?

    • Use multiple Amazon Route 53 routes to the standby database instance endpoint hosted on AWS Storage Gateway.
    • Configure Amazon RDS Multi-Availability Zone deployments with automatic failover to the standby.
    • Add multiple Application Load Balancers and deploy the database instance with AWS Elastic Beanstalk.
    • Deploy a single Network Load Balancer to distribute incoming traffic across multiple Amazon CloudFront origins.
  15. Which AWS managed service can be used to distribute traffic between one or more Amazon EC2 instances?

    • NAT gateway
    • Elastic Load Balancing
    • Amazon Athena
    • AWS PrivateLink
  16. AWS Trusted Advisor provides recommendations on which of the following? (Choose two.)

    • Cost optimization
    • Auditing
    • Serverless architecture
    • Performance
    • Scalability
  17. Which of the following tasks can only be performed after signing in with AWS account root user credentials? (Choose two.)

    • Closing an AWS account
    • Creating a new IAM policy
    • Changing AWS Support plans
    • Attaching a role to an Amazon EC2 instance
    • Generating access keys for IAM users
  18. Fault tolerance refers to:

    • the ability of an application to accommodate growth without changing design
    • how well and how quickly an application’s environment can have lost data restored
    • how secure your application is
    • the built-in redundancy of an application’s components
  19. A company operating in the AWS Cloud requires separate invoices for specific environments, such as development, testing, and production.

    How can this be achieved?

    • Use multiple AWS accounts
    • Use resource tagging
    • Use multiple VPCs
    • Use Cost Explorer
  20. Which AWS service can be used in the application deployment process?

    • AWS AppSync
    • AWS Batch
    • AWS CodePipeline
    • AWS DataSync