AWS Certified Cloud Practitioner (CLF-C01)Exam D

QUESTION 1 Which element of the AWS global infrastructure consists of one or more discrete data centres, each with redundant power, networking, and connectivity, which are housed in separate facilities?

A. AWS Regions

B. Edge locations

C. Availability Zones

D. Amazon CloudFront

Correct Answer: C

QUESTION 2 Which Amazon VPC feature enables users to capture information about the IP traffic that reaches Amazon EC2 instances?

A. Security groups

B. VPC Flow Logs

C. Elastic network interfaces

D. Network ACLs

Correct Answer: B

QUESTION 3 Which AWS service can be used to automatically scale an application up and down without making capacity planning decisions?

A. Amazon Redshift

B. AWS CloudTrail

C. Amazon AutoScaling

D. AWS Lambda

Correct Answer: C

QUESTION 4 AWS Enterprise Support users have access to which service or feature that is not available to users with other AWS Support plans?

A. AWS Trusted Advisor

B. Concierge team

C. AWS Support case

D. Amazon Connect

Correct Answer: B

QUESTION 5 A company wants to migrate a MySQL database to AWS but does not have the budget for Database Administrators to handle routine tasks including provisioning, patching, and performing backups. Which AWS service will support this use case?

A. Amazon DynamoDB

B. Amazon RDS

C. Amazon DocumentDB

D. Amazon ElastiCache

Correct Answer: B

QUESTION 6 A company wants to expand from one AWS Region into a second AWS Region. What does the company need to do to start supporting the new Region?

A. Contact an AWS Account Manager to sign a new contract

B. Move an Availability Zone to the new Region

C. Download the AWS Management Console for the new Region

D. Begin deploying resources in the second Region

Correct Answer: D

QUESTION 7 A user must meet compliance and software licensing requirements that state a workload must be hosted on a physical server. Which Amazon EC2 instance pricing option will meet these requirements?

A. Dedicated Instances

B. Spot Instances

C. Dedicated Hosts

D. Reserved Instances

Correct Answer: C

QUESTION 8 Which AWS service will provide a way to generate encryption keys that can be used to encrypt data? (Choose two.)

A. AWS Key Management Service (AWS KMS)

B. AWS CloudHSM

C. Amazon Macie

D. AWS Certificate Manager

E. AWS Secrets Manager

Correct Answer: AB

QUESTION 9 A company is planning to migrate from on-premises to the AWS Cloud. Which AWS tool or service provides detailed reports on estimated cost savings after migration?

A. AWS Total Cost of Ownership (TCO) Calculator

B. AWS Migration Hub

C. Cost Explorer

D. AWS Budgets

Correct Answer: B

QUESTION 10 What can assist in evaluating an application for migration to the cloud? (Choose two.)

A. AWS Professional Services

B. AWS Trusted Advisor

C. AWS Systems Manager

D. AWS Secrets Manager

E. AWS Partner Network (APN)

Correct Answer: BE

QUESTION 11 Which AWS service helps users meet contractual and regulatory compliance requirements for data security by using dedicated hardware appliances within the AWS Cloud?

A. AWS Secrets Manager

B. AWS Key Management Service (AWS KMS)

C. AWS CloudHSM

D. AWS Directory Service

Correct Answer: C

QUESTION 12 Under the AWS shared responsibility model, the customer manages which of the following? (Choose two.)

A. Security group and ACL configuration

B. Patch management of an Amazon EC2 instance operating system

C. Decommissioning of physical storage devices

D. Patch management of an Amazon RDS instance operating system

E. Controlling physical access to data centres

Correct Answer: AB

QUESTION 13 Which AWS service is suitable for an event-driven workload?

A. Amazon EC2

B. AWS Lambda

C. AWS Elastic Beanstalk

D. Amazon Lumberyard

Correct Answer: C

QUESTION 14 What is the value proposition of the AWS Cloud?

A. AWS is responsible for security in the AWS Cloud

B. Provision new servers in days

C. AWS manages user applications in the AWS Cloud

D. No long-term contract is required

Correct Answer: D

QUESTION 15 What is a characteristic of Amazon S3 cross-region replication?

A. S3 buckets configured for cross-region replication can be owned by a single AWS account or by different accounts

B. Both source and destination S3 buckets must have versioning disabled

C. The source and destination S3 buckets cannot be in different AWS Regions

D. The source S3 bucket owner must have the source and destination AWS Regions disabled for their account

Correct Answer: A

QUESTION 16 What is a user responsible for when running an application in the AWS Cloud?

A. Managing application software updates

B. Managing physical hardware

C. Updating the underlying hypervisor

D. Providing a list of users approved for data centre access

Correct Answer: A

QUESTION 17 A company that does business online needs to quickly deliver new functionality in an iterative manner, minimising the time to market. Which AWS Cloud feature can provide this?

A. Elasticity

B. Agility

C. High availability

D. Reliability

Correct Answer: B

QUESTION 18 Which features or services can be used to monitor costs and expenses for an AWS account? (Choose two.)

A. AWS product pages

B. AWS Cost and Usage report

C. Billing alerts and Amazon CloudWatch alarms

D. AWS Simple Monthly Calculator

E. AWS Price List API

Correct Answer: BC

QUESTION 19 Amazon Route 53 enables users to:

A. encrypt data in transit

B. generate and manage SSL certificates

C. register DNS domain names

D. establish a dedicated network connection to AWS

Correct Answer: C

QUESTION 20 Which AWS service helps identify malicious or unauthorised activities in AWS accounts and workloads?

A. Amazon GuardDuty

B. Amazon Rekognition

C. AWS Trusted Advisor

D. Amazon CloudWatch

Correct Answer: A

QUESTION 21 A company wants to try a third-party ecommerce solution before deciding to use it long term. Which AWS service or tool will support this effort?

A. AWS Partner Network (APN)

B. AWS Marketplace

C. AWS Managed Services

D. AWS Service Catalog

Correct Answer: B

QUESTION 22 Which AWS service is a managed NoSQL database?

A. Amazon Redshift

B. Amazon Aurora

C. Amazon RDS for MariaDB

D. Amazon DynamoDB

Correct Answer: D

QUESTION 23 Which AWS service should be used to create a billing alarm?

A. AWS Trusted Advisor

B. Amazon CloudWatch

C. AWS CloudTrail

D. Amazon QuickSight

Correct Answer: B

QUESTION 24 A company is hosting a web application in a Docker container on Amazon EC2. AWS is responsible for which of the following tasks?

A. Performing hardware maintenance in the AWS facilities that run the AWS Cloud

B. Scaling the web application and services developed with Docker

C. Provisioning or scheduling containers to run on clusters and maintain their availability

D. Managing the guest operating system, including updates and security patches

Correct Answer: A

QUESTION 25 Users are reporting latency when connecting to a website with a global customer base. Which AWS service will improve the customer experience by reducing latency?

A. AWS Direct Connect

B. Amazon EC2 Auto Scaling

C. AWS Transit Gateway

D. Amazon CloudFront

Correct Answer: D

QUESTION 26 Which actions represent best practices for using AWS IAM? (Choose two.)

A. Share the security credentials among users of AWS accounts who are in the same Region

B. Configure a strong password policy

C. Rotate access keys on a regular basis

D. Use access keys to log in to the AWS Management Console

E. Avoid using IAM roles to delegate permissions

Correct Answer: BC

QUESTION 27 Which AWS feature or service can be used to capture information about incoming and outgoing traffic in an AWS VPC infrastructure?

A. AWS Config

B. AWS Trusted Advisor

C. VPC Flow Logs

D. AWS CloudTrail

Correct Answer: C

QUESTION 28 A company wants to use an AWS service to monitor the health of application endpoints, with the ability to route traffic to healthy regional endpoints to improve application availability. Which service will support these requirements?

A. AWS Global Accelerator

B. Amazon Inspector

C. Amazon CloudWatch

D. Amazon CloudFront

Correct Answer: A

QUESTION 29 According to the AWS Well-Architected Framework, what change management steps should be taken to achieve reliability in the AWS Cloud? (Choose two.)

A. Use AWS Certificate Manager to whitelist approved AWS resources and services

B. Use Amazon GuardDuty to validate configuration changes made to AWS resources

C. Use AWS Config to generate an inventory of AWS resources

D. Use service limits to prevent users from creating or making changes to AWS resources

E. Use AWS CloudTrail to record AWS API calls into an auditable log file

Correct Answer: AB

QUESTION 30 Which service can be used to monitor and receive alerts for AWS account root user AWS Management Console sign-in events?

A. AWS Config

B. AWS Trusted Advisor

C. Amazon CloudWatch

D. AWS IAM

Correct Answer: C

QUESTION 31 Which design principle should be considered when architecting in the AWS Cloud?

A. Design loosely coupled components

B. Think of servers as non-disposable resources

C. Use synchronous integration of services

D. Implement the least permissive rules for security groups

Correct Answer: A

QUESTION 32 Which AWS services can be used to move data from on-premises data centres to AWS? (Choose two.)

A. AWS Lambda

B. AWS Snowball

C. AWS Database Migration Service (AWS DMS)

D. AWS ElastiCache

E. Amazon API Gateway

Correct Answer: BC

QUESTION 33 A batch workload takes 5 hours to finish on an Amazon EC2 instance. The amount of data to be processed doubles monthly and the processing time is proportional. What is the best cloud architecture to address this consistently growing demand?

A. Run the application on a bigger EC2 instance size.

B. Switch to an EC2 instance family that better matches batch requirements.

C. Run the application on a bare metal EC2 instance.

D. Distribute the application across multiple EC2 instances and run the workload in parallel.

Correct Answer: D

QUESTION 34 Each department within a company has its own independent AWS account and its own payment method.New company leadership wants to centralise departmental governance and consolidate payments.How can this be achieved using AWS services or features?

A. Forward monthly invoices for each account. Then create IAM roles to allow cross-account access.

B. Create a new AWS account. Then configure AWS Organizations and invite all existing accounts to join.

C. Use Cost Explorer to combine costs from all accounts. Then replicate IAM policies across accounts.

D. Configure AWS Organizations in each of the existing accounts. Then link all accounts together.

Correct Answer: D

QUESTION 35 The ability to horizontally scale Amazon EC2 instances based on demand is an example of which concept in the AWS Cloud value proposition?

A. Economy of scale

B. High availability

C. Agility

D. Elasticity

Correct Answer: D

QUESTION 36 An ecommerce company anticipates a huge increase in web traffic for two very popular upcoming shopping holidays.Which AWS service or feature can be configured to dynamically adjust resources to meet this change in demand?

A. Amazon EC2 Auto Scaling

B. AWS CloudTrail

C. Amazon Forecast

D. AWS Config

Correct Answer: A

QUESTION 37 Which AWS service enables users to securely connect to AWS resources over the public internet?

A. AWS Direct Connect

B. AWS VPN

C. Amazon VPC peering

D. Amazon Pinpoint

Correct Answer: C

QUESTION 38 Which tool is used to forecast AWS spending?

A. AWS Trusted Advisor

B. Cost Explorer

C. AWS Organizations

D. Amazon Inspector

Correct Answer: B

QUESTION 39 A company is running an ecommerce application hosted in Europe. To decrease latency for users who access the website from other parts of the world, the company would like to cache frequently accessed static content closer to the users. Which AWS service will support these requirements?

A. Amazon CloudFront

B. Amazon ElastiCache

C. Amazon Elastic File System (Amazon EFS)

D. Amazon Elastic Block Store (Amazon EBS)

Correct Answer: A

QUESTION 40 Which of the following is a component of the AWS Global Infrastructure?

A. Amazon Alexa

B. Amazon Lightsail

C AWS Organizations

D. AWS Regions

Correct Answer: D

QUESTION 41 Which AWS service will help users determine if an application running on an Amazon EC2 instance has sufficient CPU capacity?

A. AWS Config

B. AWS CloudTrail

C. Amazon CloudWatch

D. Amazon Inspector

Correct Answer: C

QUESTION 42 Why is it beneficial to use Elastic Load Balancers with applications?

A. They allow for the conversion from Application Load Balancers to Classic Load Balancers.

B. They automatically adjust capacity.

C. They are provided at no charge to users.

D. They are capable of handling constant changes in network traffic patterns.

Correct Answer: D

QUESTION 43 Which tasks are the customer's responsibility in the AWS shared responsibility model? (Choose two.

A. Configuration management of user’s applications

B. Security groups configuration

C. Infrastructure facilities access management

D. Cloud infrastructure hardware lifecycle management

E. Networking infrastructure protection

Correct Answer: AB

QUESTION 44 IT systems should be designed to reduce interdependencies, so that a change or failure in one component does not cascade to other components. This is an example of which principle of cloud architecture design?

A. Scalability

B. Automation

C. Automatic scaling

D. Loose coupling

Correct Answer: D

QUESTION 45 Which AWS service or feature can enhance network security by blocking requests from a particular network for a web application on AWS? (Choose two.)

A. AWS Trusted Advisor

B. AWS WAF

C. Network ACLs

D. AWS Direct Connect

E. AWS Organizations

Correct Answer: BC

QUESTION 46 An application runs on multiple Amazon EC2 instances that access a shared file system simultaneously. Which AWS storage service should be used?

A. Amazon EBS

B. Amazon S3

C. Amazon EFS

D. AWS Artefact

Correct Answer: C

QUESTION 47 A web application is hosted on AWS using an Elastic Load Balancer, multiple Amazon EC2 instances, and Amazon RDS.Which security measures fall under the responsibility of AWS? (Choose two.)

A. Running a virus scan on EC2 instances

B. Encrypting communication between the EC2 instances and the Elastic Load Balancer

C. Protecting against IP spoofing and packet sniffing

D. Installing the latest security patches on the RDS instance

E. Configuring a security group and a network access control list (NACL) for EC2

Correct Answer: CD

QUESTION 48 What is the benefit of elasticity in the AWS Cloud?

A. Ensure web traffic is automatically spread across multiple AWS Regions.

B. Automatically adjust the required compute capacity to maintain consistent performance.

C. Minimise storage costs by automatically archiving log data.

D. Enable AWS to automatically select the most cost-effective services.

Correct Answer: B

QUESTION 49 The continual reduction of AWS Cloud pricing is due to:

A. pay-as-you go pricing

B. economies of scale

C. the AWS global infrastructure

D. reserved storage pricing

Correct Answer: B

QUESTION 50 A company needs an Amazon S3 bucket that cannot have any public objects due to compliance requirements. How can this be accomplished?

A. Hold a team meeting to discuss the importance of only uploading private S3 objects.

B. Require all S3 objects to be manually approved before uploading.

C. Enable S3 Block Public Access from the AWS Management Console

D. Create a service to monitor all S3 uploads and remove any public uploads.

Correct Answer: C

QUESTION 51 A Cloud Practitioner identifies a billing issue after examining the AWS Cost and Usage report in the AWS Management Console. Which action can be taken to resolve this?

A. Upload data describing the issue to a new object in a private Amazon S3 bucket.

B. Open a detailed case related to billing and submit it to AWS Support for help.

C. Create a pricing application and deploy it to a right-sized Amazon EC2 instance for more information.

D. Proceed with creating a new dashboard in Amazon QuickSight.

Correct Answer: A

QUESTION 52 What does the AWS Simple Monthly Calculator do?

A. Compares on-premises costs to colocation environments

B. Estimates power consumption at existing data centres

C. Estimates CPU utilisation

D. Estimates monthly billing based on projected usage

Correct Answer: D

QUESTION 53 Who is responsible for patching the guest operating system for Amazon RDS?

A. The AWS Product team

B. Managed partners

C. The customer Database Administrator

D. AWS Support

Correct Answer: C

QUESTION 54 Which AWS services may be scaled using AWS Auto Scaling? (Choose two.)

A Amazon S3

B. Amazon Route 53

C. Amazon Redshift

D. Amazon EC2

E. Amazon DynamoDB

Correct Answer: DE

QUESTION 55 Which of the following are benefits of AWS Global Accelerator? (Choose two.)

A. Improved availability of applications deployed on AWS

B. Reduced cost to run services on AWS

C. Higher durability of data stored on AWS

D. Higher security of data stored on AWS

E. Decreased latency to reach applications deployed on AWS

Correct Answer: AE

QUESTION 56 A user who wants to get help with billing and reactivate a suspended account should submit an account and billing request to:

A. AWS Support

B. the AWS Support forum

C. AWS Abuse

D. an AWS Solutions Architect

Correct Answer: A

QUESTION 57 Which AWS Cloud best practice uses the elasticity and agility of cloud computing?

A. Provision capacity based on past usage and theoretical peaks

B. Build the application and infrastructure in a data centre that grants physical access

C. Dynamically and predictively scale to meet usage demands

D. Break apart the application into loosely coupled components

Correct Answer: C

QUESTION 58 Which method helps to optimise costs of users moving to the AWS Cloud?

A. Purchasing hardware before it is needed

B. Paying only for what is used

C. Manually provisioning cloud resources

D. Purchasing for the maximum possible load

Correct Answer: B

QUESTION 59 Under the AWS shared responsibility model, which of the following is a customer responsibility?

A. Installing security patches for the Xen and KVM hypervisors

B. Installing operating system security patches for Amazon EC2 database instances

C. Installing operating system patches for Amazon DynamoDB

D. Installing operating system security patches for Amazon RDS database instances

Correct Answer: B

QUESTION 60 The AWS Cost Management tools give users the ability to do which of the following? (Choose two.)

A. Terminate all AWS resources automatically if budget thresholds are exceeded.

B. Switch automatically to Reserved Instances or Spot Instances, whichever is most cost-effective.

C. Move data stored in Amazon S3 to a more cost-effective storage class.

D. Break down AWS costs by day, service, and linked AWS account.

E. Create budgets and receive notifications if current or forecasted usage exceeds the budgets.

Correct Answer: DE

QUESTION 61 Under the AWS shared responsibility model, the security and patching of the guest operating system is the responsibility of:

A. AWS Support

B. AWS Systems Manager

C. the customer

D. AWS Config

Correct Answer: C

QUESTION 62 Which AWS service makes it easy to create and manage AWS users and groups, and provide them with secure access to AWS resources at no charge?

A. AWS Identity and Access Management (IAM)

B AWS Direct Connect

C. Amazon Connect

D. AWS Firewall Manager

Correct Answer: A

QUESTION 63 Which AWS service provides on-demand AWS security and compliance documentation?

A. AWS Directory Service

B. AWS Trusted Advisor

C. AWS Artefact

D. Amazon Inspector

Correct Answer: C

QUESTION 64 Which AWS service can be used to turn text into life-like speech?

A. Amazon Transcribe

B. Amazon Polly

C. Amazon Rekognition

D. Amazon Lex

Correct Answer: B

QUESTION 65 What is one of the core principles to follow when designing a highly available application in the AWS Cloud?

A. Design using a serverless architecture

B. Design AWS Auto Scaling into every application

C. Assume that all components within an application can fail

D. Design all components using open-source code

Correct Answer: C

A user needs to generate a report that outlines the status of key security checks in an AWS account. The report must include: 1. The status of Amazon S3 bucket permissions. 2. Whether multi-factor authentication is enabled for the AWS account root user. 3. If any security groups are configured to allow unrestricted access. Where can all this information be found in one location?

A. AWS Trusted Advisor report

B. Amazon QuickSight dashboard

C. AWS CloudTrail trails

D. IAM credential report

Correct Answer: A

QUESTION 67 Which Amazon EC2 pricing model should be used to comply with per-core software license requirements?

A. On-Demand Instances

B. Dedicated Hosts

C. Spot Instances

D. Reserved Instances

Correct Answer: B

QUESTION 68 Which of the AWS global infrastructure is used to cache copies of content for faster delivery to users across the globe?

A. AWS Regions

B. Edge locations

C. Availability Zones

D. Data centres

Correct Answer: B

QUESTION 69 Using AWS Config to record, audit, and evaluate changes to AWS resources to enable traceability is an example of which AWS Well-Architected Framework pillar?

A. Operational excellence

B. Performance efficiency

C. Security

D. Cost optimization

Correct Answer: C

QUESTION 70 A user needs to quickly deploy a non-relational database on AWS. The user does not want to manage the underlying hardware or the database software.Which AWS service can be used to accomplish this?

A. Amazon RDS

B. Amazon Aurora

C. Amazon Redshift

D. Amazon DynamoDB

Correct Answer: D

QUESTION 71 A Cloud Practitioner is developing a disaster recovery plan and intends to replicate data between multiple geographic areas.Which of the following meets these requirements?

A. AWS Accounts

B. Availability Zones

C. AWS Regions

D. Edge locations

Correct Answer: C

QUESTION 72 Which features and benefits does the AWS Organizations service provide? (Choose two.)

A. Implementing consolidated billing

B. Enforcing the governance of AWS accounts

C. Establishing real-time communications between members of an internal team

D. Facilitating the use of NoSQL databases

E. Providing automated security checks

Correct Answer: AB

QUESTION 73 Which AWS service is used to automate configuration management using Chef and Puppet?

A. AWS Config

B. AWS CloudFormation

C. AWS OpsWorks

D. AWS Systems Manager

Correct Answer: C

QUESTION 74 Which tool is best suited for combining the billing of AWS accounts that were previously independent from one another?

A. Detailed billing report

B. AWS Cost and Usage report

C Cost allocation report

D. Consolidated billing

Correct Answer: D

QUESTION 75 The AWS Total Cost of Ownership (TCO) Calculator is used to:

A. estimate savings when comparing the AWS Cloud to an on-premises environment

B. receive reports that break down AWS Cloud compute costs by duration, resource, or tags

C. estimate a monthly bill for the AWS Cloud resources that will be used

D. enable billing alerts to monitor actual AWS costs compared to estimated costs

Correct Answer: A

QUESTION 76 Which AWS services can be used to provide network connectivity between an on-premises network and a VPC? (Choose two.

A. AWS Direct Connect

B. Amazon Route 53

C. AWS Data Pipeline

D. Amazon Connect

E. AWS VPN

Correct Answer: AE

QUESTION 77 Under the AWS shared responsibility model, which of the following are customer responsibilities? (Choose two.)

A. Amazon RDS instance patching

B. Setting up server-side encryption on an Amazon S3 bucket

C. Physical security of data centre facilities

D. Network and firewall configurations

E. Compute capacity availability

Correct Answer: BD

QUESTION 78 What is the MINIMUM AWS Support plan level that will provide users with access to the AWS Support API?

A. Business

B. Developer

C. Enterprise

D. Basic

Correct Answer: A

QUESTION 79 A company has deployed several relational databases on Amazon EC2 instances. Every month, the database software vendor releases new security patches that need to be applied to the databases. What is the MOST efficient way to apply the security patches?

A. Connect to each database instance on a monthly basis, and download and apply the necessary security patches from the vendor.

B. Enable automatic patching for the instances using the Amazon RDS console.

C. Use AWS Systems Manager to automate database patching according to a schedule.

D. In AWS Config, configure a rule for the instances and the required patch level.

Correct Answer: C

QUESTION 80 A company wants to use Amazon Elastic Compute Cloud (Amazon EC2) to deploy a global commercial application. The deployment solution should be built with the highest redundancy and fault tolerance.Based on this situation, the Amazon EC2 instances should be deployed:

A. across multiple Availability Zones in two AWS Regions

B. in a single Availability Zone in one AWS Region

C. with multiple Elastic Network Interfaces belonging to different subnets

D. across multiple Availability Zones in one AWS Region

Correct Answer: A

QUESTION 81 A company has an application with users in both Australia and Brazil. All the company infrastructure is currently provisioned in the Asia Pacific (Sydney) Region in Australia, and Brazilian users are experiencing high latency.What should the company do to reduce latency?

A. Launch additional Amazon EC2 instances in Sydney to handle the demand

B. Implement AWS Direct Connect for users in Brazil

C. Use AWS Transit Gateway to quickly route users from Brazil to the application

Correct Answer: A

QUESTION 82 An Amazon EC2 instance runs only when needed yet must remain active for the duration of the process. What is the most appropriate purchasing option?

A. Dedicated Instances

B. Reserved Instances

C. Spot Instances

D. On-Demand Instances

Correct Answer: B

QUESTION 83 Which AWS dashboard displays relevant and timely information to help users manage events in progress, and provides proactive notifications to help plan for scheduled activities?

A. AWS Service Health Dashboard

B. AWS Trusted Advisor dashboard

C. Amazon CloudWatch dashboard

D. AWS Personal Health Dashboard

Correct Answer: D

QUESTION 84 Which AWS hybrid storage service enables a user's on-premises applications to seamlessly use AWSCloud storage?

A. AWS Backup

B. AWS Storage Gateway

C. Amazon Connect

D. AWS Direct Connect

Correct Answer: B

QUESTION 85 Which of the following acts as a virtual firewall at the Amazon EC2 instance level to control traffic for one or more instances?

A. Access keys

B. Virtual private gateways

D. Access Control Lists (ACL)

C. Security groups

Correct Answer: D

QUESTION 86 What is the most efficient way to establish network connectivity from on-premises to multiple VPCs in different AWS Regions?

A. Use an AWS Transit Gateway

B. Use AWS Direct Connect

C. Use AWS VPN

D. Use AWS Client VPN

Correct Answer: A

QUESTION 87 Which AWS Support plan provides access to architectural and operational reviews, as well as 24/7 access to Senior Cloud Support Engineers through email, online chat, and phone?

A. Basic

B. Enterprise

C. Business

D. Developer

Correct Answer: B

QUESTION 88 Which AWS service or feature helps restrict the AWS services, resources, and individual API actions the users and roles in each member account can access?

A. Amazon Cognito

B. AWS Organizations

C. AWS Firewall Manager

D. AWS Shield

Correct Answer:D

QUESTION 89 What is the best resource for a user to find compliance-related information and reports about AWS?

A. AWS Marketplace

B. Amazon Inspector

C. AWS Artefact

D. AWS Support

Correct Answer: C

QUESTION 90 Which Amazon S3 storage class is optimised to provide access to data with lower resiliency requirements,but rapid access when needed such as duplicate backups?

A. Amazon S3 Standard

B. Amazon S3 One Zone-Infrequent Access

C. Amazon S3 Glacier Deep Archive

D. Amazon S3 Glacier

Correct Answer:B

Toggle Title

A. A completely isolated geographic location

B. One or more edge locations based around the world

C. One or more physical data centres

D. A data centre location with a single source of power and networking

Correct Answer:C

QUESTION 92 Which AWS services can be used as infrastructure automation tools? (Choose two.)

A. Amazon CloudFront

B. AWS CloudFormation

C. AWS Batch

D. Amazon QuickSight

E. AWS OpsWorks

Correct Answer: BE

QUESTION 93 Which AWS service enables users to create copies of resources across AWS Regions?

A. Amazon ElastiCache

B. AWS CloudTrail

C. AWS CloudFormation

D. AWS Systems Manager

Correct Answer:C

QUESTION 94 A user would like to encrypt data that is received, stored, and managed by AWS CloudTrail. Which AWS service will provide this capability?

A. AWS Key Management Service (AWS KMS)

B. AWS Secrets Manager

C. AWS Systems Manager

D. AWS Certificate Manager

Correct Answer: A

QUESTION 95 Which AWS Cloud benefit eliminates the need for users to try estimating future infrastructure usage?

A. Easy and fast deployment of applications in multiple Regions around the world

B. Elasticity of the AWS Cloud

C. Security of the AWS Cloud

D. Lower variable costs due to massive economies of scale

Correct Answer: B

QUESTION 96 What credential components are required to gain programmatic access to an AWS account? (Choose two.)

A. A primary key

B. An access key ID

C A user ID

D. A secret access key

E. A secondary key

Correct Answer: BD

QUESTION 97 Which of the following are AWS compute services? (Select two.)

A. AWS Systems Manager

B. AWS CloudFormation

C. Amazon Lightsail

D. Amazon Inspector

E. AWS Batch

Correct Answer:CE

QUESTION 98 How can a company separate costs for network traffic, Amazon EC2, Amazon S3, and other AWS services by department?

A. Create a separate VPC for each department

B. Add department-specific tags to each resource

C. Create a separate AWS account for each department

D. Use AWS Organizations

Correct Answer:B

QUESTION 99 What is a benefit of consolidated billing for AWS accounts?

A. Access to AWS Personal Health Dashboard

B. Improved account security

C. Combined usage volume discounts

D. Centralised AWS IAM

Correct Answer:C

QUESTION 100 Which AWS service will allow a user to set custom cost and usage limits, and will alert when the thresholds are exceeded?

A. AWS Budgets

B. Cost Explorer

C AWS Trusted Advisor

D. AWS Organizations

Correct Answer :D

QUESTION 101 Which AWS service provides the ability to detect inadvertent data leaks of personally identifiable information (PII) and user credential data?

A. Amazon GuardDuty

B. Amazon Macie

C Amazon Inspector

D. AWS Shield

Correct Answer:B

QUESTION 102 Which tool can be used to monitor AWS service limits?

A. AWS Trusted Advisor

B. AWS Total Cost of Ownership (TCO) Calculator

C. AWS Personal Health Dashboard

D. AWS Cost and Usage report

Correct Answer: A

QUESTION 103 A company has distributed its workload on both the AWS Cloud and some on-premises servers. What type of architecture is this?

A. Virtual private network

B. Hybrid cloud

C. Virtual private cloud

D. Private cloud

Correct Answer:B

QUESTION 104 Which of the following describes a security best practice that can be implemented using AWS IAM?

A. Grant permissions to users who are required to perform a given task only

B. Disable AWS Management Console access for all users

C. Generate secret keys for every IAM user

D. Store AWS credentials within Amazon EC2 instances

Correct Answer:A

QUESTION 105 What can be used to automate and manage secure, well-architected, multi-account AWS environments?

A. AWS Control Tower

B. AWS shared responsibility model

C. AWS Security Hub

D. AWS Well-Architected Tool

Correct Answer:A

QUESTION 106 Which AWS service or feature allows a user to easily scale connectivity among thousands of VPCs?

A. VPC peering

B. AWS Direct Connect

C. AWS Global Accelerator

D. AWS Transit Gateway

Correct Answer:D

QUESTION 107 A company needs protection from expanded distributed denial of service (DDoS) attacks on its website and assistance from AWS experts during such events.Which AWS managed service will meet these requirements?

A. AWS Firewall Manager

B. AWS WAF

C. AWS Shield Advanced

D. Amazon GuardDuty

Correct Answer: C

QUESTION 108 A company's application has flexible start and end times. Which Amazon EC2 pricing model will be the MOST cost-effective?

A. On-Demand Instances

B. Reserved Instances

C. Spot Instances

D. Dedicated Hosts

Correct Answer: C

QUESTION 109 Under the AWS shared responsibility model, what are the customer's responsibilities? (Choose two.)

A. Security of data in transit

B. Data integrity authentication

C. Physical and environmental security

D. Physical network devices including firewalls

E. Storage device decommissioning

Correct Answer:AB

QUESTION 110 A cloud practitioner has a data analysis workload that is infrequently executed and can be interrupted without harm.To optimise for cost, which Amazon EC2 purchasing option should be used?

A. On-Demand Instances

B. Spot Instances

C. Reserved Instances

D. Dedicated Hosts

Correct Answer:B

QUESTION 111 Which AWS container service will help a user install, operate, and scale the cluster management infrastructure?

A. Amazon Elastic Container Service (Amazon ECS)

B. Amazon Elastic Container Registry (Amazon ECR)

C. AWS Elastic Beanstalk

D. Amazon Elastic Block Store (Amazon EBS)

Correct Answer:A

techinsightslabs

AWS Certified Cloud Practitioner (CLF-C01)Exam D

Solverwp- WordPress Theme and Plugin