CLF-C01 : AWS Certified Cloud Practitioner : Part 35
-
What is an IAM best practice for AWS account root user access keys?
- Delete all root user access keys, if possible.
- Use root user credentials to access sensitive information stored on AWS.
- Allow the system administrator group to use the root user credentials for daily access.
- Use root user credentials to access production database instances.
-
A company has performance and regulatory requirements that call for it to run its workload only on its on-premises data center.
Which AWS services or resources should the company use? (Choose two.)
- Amazon Pinpoint
- Amazon WorkLink
- AWS Outposts
- AWS Snowball Edge
- AWS AppSync
-
Elasticity in the AWS Cloud refers to which of the following? (Choose two.)
- How quickly an Amazon EC2 instance can be restarted
- The ability to rightsize resources as demand shifts
- The maximum amount of RAM an Amazon EC2 instance can use
- The pay-as-you-go billing model
- How easily resources can be produced when they are needed
-
A company wants to migrate to AWS and use the same security software it uses on premises. The security software vendor offers its security software as a service on AWS.
Where can the company purchase the security solution?
- AWS Partner Solutions Finder
- AWS Support Center
- AWS Management Console
- AWS Marketplace
-
A company needs to improve the response rate of high-volume queries to its relational database.
Which AWS service should the company use to offload requests to the database and improve overall response times?
- Amazon DynamoDB Accelerator (DAX)
- Amazon ElastiCache
- Elastic Load Balancing
- AWS Global Accelerator
-
Which AWS services or features enable users to connect on-premises networks to a VPC? (Choose two.)
- AWS VPN
- Elastic Load Balancing
- AWS Direct Connect
- VPC peering
- Amazon CloudFront
-
Which pillar of the AWS Well-Architected Framework specifies that resources be provisioned in a timely manner and scale as needed to maintain effectiveness as demand changes?
- Cost optimization
- Security
- Operational excellence
- Performance efficiency
-
An IT department provisions more servers than are needed to run a workload.
Which cloud architecture design principle supports changing this approach?
- Protect data in transit and at rest.
- Stop guessing capacity.
- Improve through game days.
- Annotate documentation.
-
A solutions architect needs to create a cost estimate for running workloads on AWS. The cost estimate must then be exported for management review.
Which AWS service or feature should be used to accomplish these task?
- Cost Explorer
- Amazon QuickSight
- AWS Pricing Calculator
- AWS Budgets
-
Which AWS service should a company use to decouple large monolithic applications into smaller microservices components?
- AWS Direct Connect
- Amazon Lightsail
- Amazon Simple Queue Service (Amazon SQS)
- Amazon CloudWatch
-
A company has defined the AWS resources that it needs for a new application. The company needs to estimate the costs of running the application on AWS.
What should the company do to meet this requirement?
- Take advantage of AWS on-demand pricing.
- Use the AWS Pricing Calculator to generate an approximate dollar amount.
- Use Amazon QuickSight to analyze current on-premises spending.
- Use Amazon AppStream 2.0 for real-time pricing analytics.
-
A company has a globally distributed user base. The company needs its application to be highly available and have low latency for end users.
Which AWS architectural approach will MOST effectively support these requirements?
- Single-Region, Multi-AZ architecture
- Multi-Region, active-active architecture
- Multi-Region, active-passive architecture
- Single-Region, Single-AZ architecture
-
Which AWS service or feature for technical assistance is available to a user who has the AWS Basic Support plan?
- AWS senior support engineers
- AWS technical account manager (TAM)
- AWS Trusted Advisor
- AWS Discussion Forums
-
A company needs to migrate its on-premises data to the AWS Cloud. The company requires elastic, highly optimized connectivity.
Which AWS service meets these requirements?
- Amazon S3 Glacier
- AWS Storage Gateway
- AWS Backup
- Amazon Elastic File System (Amazon EFS)
-
When an Amazon EC2 instance is terminated, which AWS service can identify the user that made the API call?
- Amazon CloudWatch
- AWS CloudTrail
- AWS X-Ray
- AWS Identity and Access Management (IAM)
-
Which controls does the customer fully inherit from AWS in the AWS shared responsibility model?
- Patch management controls
- Awareness and training controls
- Physical and environmental controls
- Configuration management controls
-
Which feature can be used to protect Amazon S3 buckets from accidental overwrites or deletes?
- Lifecycle policy
- object versioning
- Server-side encryption
- Bucket ACL
-
Which of the following are AWS security best practices for using AWS Identity and Access Management (IAM) to manage an AWS account root user? (Choose two.)
- Set up multi-factor authentication (MFA) for the root user.
- Remove all IAM policies from the root user.
- Delete the root user access keys.
- Use the root user for daily tasks.
- Assign a read-only access policy to the root user.
-
Service control policies (SCPs) manage permissions for which of the following?
- Availability Zones
- AWS Regions
- AWS Organizations
- Edge locations
-
A database administrator is trying to determine who deleted a critical Amazon Redshift cluster.
Which AWS service helps with monitoring and retaining this type of account activity?
- AWS CloudTrail
- AWS Organizations
- AWS Identity and Access Management (IAM)
- AWS Trusted Advisor
Subscribe
0 Comments
Newest