CLF-C01 : AWS Certified Cloud Practitioner : Part 13

  1. Which AWS service offers on-demand access to AWS security and compliance reports?

    • AWS CloudTrail
    • AWS Artifact
    • AWS Health
    • Amazon CloudWatch
    Explanation:
    AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS’ security and compliance reports and select online agreements. Reports available in AWS Artifact include our Service Organization Control (SOC) reports, Payment Card Industry (PCI) reports, and certifications from accreditation bodies across geographies and compliance verticals that validate the implementation and operating effectiveness of AWS security controls. Agreements available in AWS Artifact include the Business Associate Addendum (BAA) and the Nondisclosure Agreement (NDA).
  2. What are the benefits of using the AWS Cloud for companies with customers in many countries around the world? (Choose two.)

    • Companies can deploy applications in multiple AWS Regions to reduce latency.
    • Amazon Translate automatically translates third-party website interfaces into multiple languages.
    • Amazon CloudFront has multiple edge locations around the world to reduce latency.
    • Amazon Comprehend allows users to build applications that can respond to user requests in many languages.
    • Elastic Load Balancing can distribute application web traffic to multiple AWS Regions around the world, which re
  3. Which AWS service handles the deployment details of capacity provisioning, load balancing, Auto Scaling, and application health monitoring?

    • AWS Config
    • AWS Elastic Beanstalk
    • Amazon Route 53
    • Amazon CloudFront
    Explanation
    Upload your code and Elastic Beanstalk automatically handles the deployment, from capacity provisioning, load balancing, auto-scaling to application health monitoring. At the same time, you retain full control over the AWS resources powering your application and can access the underlying resources at any time.
  4. Which AWS service provides inbound and outbound network ACLs to harden external connectivity to Amazon EC2?

    • AWS IAM
    • Amazon Connect
    • Amazon VPC
    • Amazon API Gateway
  5. When a company provisions web servers in multiple AWS Regions, what is being increased?

    • Coupling
    • Availability
    • Security
    • Durability
  6. The pay-as-you-go pricing model for AWS services:

    • reduces capital expenditures.
    • requires payment up front for AWS services.
    • is relevant only for Amazon EC2, Amazon S3, and Amazon RDS.
    • reduces operational expenditures.
  7. Under the AWS shared responsibility model, AWS is responsible for which security-related task?

    • Lifecycle management of IAM credentials
    • Physical security of global infrastructure
    • Encryption of Amazon EBS volumes
    • Firewall configuration
  8. Which AWS service enables users to consolidate billing across multiple accounts?

    • Amazon QuickSight
    • AWS Organizations
    • AWS Budgets
    • Amazon Forecast
    Explanation:
    You can use the consolidated billing feature in AWS Organizations to consolidate billing and payment for multiple AWS accounts or multiple Amazon Internet Services Pvt. Ltd (AISPL) accounts. Every organization in AWS Organizations has a master (payer) account that pays the charges of all the member (linked) accounts.
  9. Under the AWS shared responsibility model, which of the following is an example of security in the AWS Cloud?

    • Managing edge locations
    • Physical security
    • Firewall configuration
    • Global infrastructure
  10. How can an AWS user with an AWS Basic Support plan obtain technical assistance from AWS?

    • AWS Senior Support Engineers
    • AWS Technical Account Managers
    • AWS Trusted Advisor
    • AWS Discussion Forums
  11. Which of the following are pillars of the AWS Well-Architected Framework? (Choose two.)

    • Multiple Availability Zones
    • Performance efficiency
    • Security
    • Encryption usage
    • High availability
  12. After selecting an Amazon EC2 Dedicated Host reservation, which pricing option would provide the largest discount?

    • No upfront payment
    • Hourly on-demand payment
    • Partial upfront payment
    • All upfront payment
  13. What is an advantage of deploying an application across multiple Availability Zones?

    • There is a lower risk of service failure if a natural disaster causes a service disruption in a given AWS Region.
    • The application will have higher availability because it can withstand a service disruption in one Availability Zone.
    • There will be better coverage as Availability Zones are geographically distant and can serve a wider area.
    • There will be decreased application latency that will improve the user experience.
  14. A Cloud Practitioner is asked how to estimate the cost of using a new application on AWS.

    What is the MOST appropriate response?

    • Inform the user that AWS pricing allows for on-demand pricing.
    • Direct the user to the AWS Simple Monthly Calculator for an estimate.
    • Use Amazon QuickSight to analyze current spending on-premises.
    • Use Amazon AppStream 2.0 for real-time pricing analytics.
  15. A company wants to migrate its applications to a VPC on AWS. These applications will need to access on-premises resources.

    What combination of actions will enable the company to accomplish this goal? (Choose two.)

    • Use the AWS Service Catalog to identify a list of on-premises resources that can be migrated.
    • Build a VPN connection between an on-premises device and a virtual private gateway in the new VPC.
    • Use Amazon Athena to query data from the on-premises database servers.
    • Connect the company’s on-premises data center to AWS using AWS Direct Connect.
    • Leverage Amazon CloudFront to restrict access to static web content provided through the company’s on-premises web servers.
  16. A web application running on AWS has been spammed with malicious requests from a recurring set of IP addresses.

    Which AWS service can help secure the application and block the malicious traffic?

    • AWS IAM
    • Amazon GuardDuty
    • Amazon Simple Notification Service (Amazon SNS)
    • AWS WAF
    Explanation:
    AWS WAF is a web application firewall that helps protect web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. You can use AWS WAF to define customizable web security rules that control which traffic accesses your web applications. If you use AWS Shield Advanced, you can use AWS WAF at no extra cost for those protected resources and can engage the DRT to create WAF rules.
  17. Treating infrastructure as code in the AWS Cloud allows users to:

    • automate migration of on-premises hardware to AWS data centers.
    • let a third party automate an audit of the AWS infrastructure.
    • turn over application code to AWS so it can run on the AWS infrastructure.
    • automate the infrastructure provisioning process.
  18. A company requires a dedicated network connection between its on-premises servers and the AWS Cloud.

    Which AWS service should be used?

    • AWS VPN
    • AWS Direct Connect
    • Amazon API Gateway
    • Amazon Connect
    Explanation:
    You can use AWS Direct Connect to establish a private virtual interface from your on-premise network directly to your Amazon VPC, providing you with a private, high bandwidth network connection between your network and your VPC. With multiple virtual interfaces, you can even establish private connectivity to multiple VPCs while maintaining network isolation.
  19. Which AWS service can be used to query stored datasets directly from Amazon S3 using standard SQL?

    • AWS Glue
    • AWS Data Pipeline
    • Amazon CloudSearch
    • Amazon Athena
    Explanation:
    Amazon Athena is defined as “an interactive query service that makes it easy to analyse data directly in Amazon Simple Storage Service (Amazon S3) using standard SQL.” So, it’s another SQL query engine for large data sets stored in S3. This is very similar to other SQL query engines, such as Apache Drill. But unlike Apache Drill, Athena is limited to data only from Amazon’s own S3 storage service. However, Athena is able to query a variety of file formats, including, but not limited to CSV, Parquet, JSON, etc.
  20. AWS CloudFormation is designed to help the user:

    • model and provision resources.
    • update application code.
    • set up data lakes.
    • create reports for billing.
    Explanation:
    AWS CloudFormation provides a common language for you to model and provision AWS and third party application resources in your cloud environment. AWS CloudFormation allows you to use programming languages or a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts. This gives you a single source of truth for your AWS and third party resources.
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments