Scroll down to see your responses and detailed results
Prepare for the AWS Cloud Practitioner CLF-C02 exam with our free practice test. Randomly generated and customizable, this test allows you to choose the number of questions.
A company wants to implement a method to organize their cloud billing records such that individual team expenditures are distinctly represented. Which approach would allow the accounting department to generate detailed reports according to the associated team for each cloud resource usage?
Creating individual cloud service accounts for each team to separate costs.
Establishing Configuration Compliance rules to track team-based expenditures.
Activating tagging with team names and incorporating these tags in detailed billing records.
Implementing a uniform resource naming system based on team names.
Setting up separate budgets within the budget service for each team.
Activating tags for detailed billing lets the company label resources with specific team identifiers, and, once these tags are activated, they help break down expenditure in cost reports according to the tagged labels. 'Naming conventions' provide a way to identify resources but don't enable cost categorization in billing reports. 'Budgets' help in setting spending limits but don't detail cost allocation. 'Configuration Compliance' is not related to cost allocation, and 'Multiple accounts' would separate costs but may be overly complex and do not exploit the full capabilities of cost allocation tags.
Which service allows users to acquire essential security and regulatory documentation needed to understand the compliance status of their cloud environment?
AWS Security Hub
AWS Artifact
AWS Config
AWS Organizations
The correct answer is AWS Artifact because it is specifically designed to provide users with security and compliance documents, such as audit reports, that inform them about AWS compliance with global regulations, which is critical for customers managing cloud resources in different regulatory environments.
A company is looking to store large volumes of archival data, which they will need to access infrequently and are not required to be retrieved quickly when access is needed. As a cloud practitioner, which storage service and pricing category would you recommend to minimize costs while fulfilling their requirements?
Amazon EBS General Purpose SSD
Amazon S3 Standard-Infrequent Access
AWS Glacier Deep Archive
AWS Glacier
Amazon S3 Standard
Amazon S3 One Zone-Infrequent Access
AWS Glacier Deep Archive is an extremely low-cost storage service for data archiving and long-term backup. It is designed for data that is accessed very infrequently but still requires long-term retention. Data retrieval times of 12 hours or more are acceptable for this service, aligning well with the company's needs where immediate access is not crucial. The other options provided do not offer the same cost efficiency for the described archival use case.
Which Amazon S3 storage class is optimized for data that is accessed less frequently, but requires rapid access when needed?
Amazon S3 Standard-Infrequent Access
Amazon S3 Glacier
Amazon S3 Intelligent-Tiering
Amazon S3 One Zone-Infrequent Access
Amazon S3 Standard-Infrequent Access (S3 Standard-IA) is designed for data that is accessed less frequently, but requires rapid access when needed. It offers a lower storage price compared to Amazon S3 Standard, making it cost-effective for infrequently accessed data. On the other hand, S3 One Zone-IA is for infrequently accessed data that doesn't require the multiple Availability Zone data resilience, S3 Glacier is for long-term archival storage, and S3 Intelligent-Tiering automatically moves objects between different tiers based on changing access patterns.
A company is evaluating the advantages of migrating to the AWS Cloud. Which of the following scenarios BEST illustrates the combined benefits of high availability, elasticity, and agility in the AWS Cloud?
Purchasing excess on-premises server capacity in anticipation of a potential future traffic increase.
Utilizing Auto Scaling to launch instances in multiple Availability Zones, adapting to traffic surges while enabling rapid deployment of new features.
Deploying an application across two on-premises data centers for disaster recovery purposes.
Using a single EC2 instance that can be resized manually to accommodate an increase in web traffic.
Answer 'D' is correct because it encompasses the principles of high availability (multiple Availability Zones), elasticity (automatically adding resources to meet demand), and agility (quick deployment of resources). While 'A' refers to elasticity and 'B' to high availability, neither 'A' nor 'B' incorporates agility. Answer 'C' does not specifically address any of the three advantages.
When looking to find comprehensive guides and design patterns for building applications on the cloud, which resource should a developer consult to access a collection of structured sets of recommendations?
AWS technical whitepapers
AWS Prescriptive Guidance
AWS Pricing Calculator
AWS Management Console
The correct resource for finding comprehensive guides and architecture design patterns is AWS Prescriptive Guidance. It offers structured recommendations and best practices for cloud application development. Meanwhile, the AWS Pricing Calculator focuses on estimating costs for AWS services, not providing architectural guidance. The whitepapers are in-depth technical documents but do not offer the same interactive and structured recommendations as Prescriptive Guidance. Lastly, the Management Console is an interface for managing AWS services, not a source for architectural design patterns and guides.
Which Amazon service is designed to offer intelligent threat detection to aid in the protection of cloud environments?
Amazon GuardDuty
Amazon Inspector
AWS Security Hub
AWS Shield
Amazon GuardDuty is the correct answer because it is specifically designed as a threat detection service that continuously monitors for malicious or unauthorized activities. Amazon GuardDuty applies machine learning and anomaly detection to identify unexpected and potentially unauthorized or malicious activity within your cloud environment. AWS Security Hub provides a comprehensive view of security alerts and security posture across your accounts. Amazon Inspector is focused on the security assessment of applications running on the cloud, whereas AWS Shield specifically provides protection against DDoS attacks.
A business is in need of the most effective tool for a breakdown of charges, historical cost analysis, and answers to inquiries related to their monthly expenses incurred for cloud services. Which resource should they utilize?
Billing and Cost Management Dashboard
General product documentation
Customer support centers
Future cost estimation tools
The Billing and Cost Management Dashboard is the centralized tool for customers to access detailed billing statements, visualize past usage and costs, manage payment methods, and explore cost management features like budgets and alerts. While other resources such as general documentation or support services, as well as pricing estimations for future use, may offer assistance, the Dashboard is specifically tailored to give comprehensive billing insights and is the most direct resource for current billing information and queries.
Your client's application experiences intermittent spikes in demand throughout the week which can triple the baseline load. Outside of these spikes, the application maintains a predictable and steady baseline usage. What is the most cost-effective compute purchasing option that aligns with these demand patterns?
Use Savings Plans exclusively for both baseline and peak loads
Acquire Dedicated Hosts to cover the anticipated maximum load at all times
Deploy Spot Instances to cover both baseline and peak demand conditions
Combine Reserved Instances for baseline usage with On-Demand Instances for spikes
To accommodate both predictable baseline usage and intermittent spikes, the best approach is to combine Reserved Instances (RIs) for the baseline capacity with On-Demand Instances to handle peak loads. RIs offer a discounted hourly rate and capacity reservation, making them suitable for the steady baseline workload, while On-Demand Instances provide the flexibility to scale up without any upfront commitment, which is ideal for handling unpredictable spikes. Savings Plans require a commitment to a specific amount of usage (measured in $/hour) over 1 or 3 years and could lead to overcommitment during non-peak times. Meanwhile, Spot Instances offer the highest discounts but can be terminated by AWS when the spot price exceeds the bid price, which risks stability during demand spikes.
Which scenario is likely to result in additional costs for moving data?
Uploading a file to a cloud-based storage service from an on-premises server
Moving an object from a compute service in one region to a storage service in a different region
Moving an object from a compute service to a storage service in the same region
Snapshotting a volume to another volume on the same virtual server
The transfer of data across different geographical locations, or regions, incurs additional costs because it involves the use of extensive networking infrastructure to facilitate the transfer. On the other hand, transferring data within the same region or uploading to cloud storage from the internet generally does not incur extra charges.
Reserved Instances provide a discount compared to On-Demand pricing and also ensure capacity availability when launched in a specific Availability Zone.
False
True
This statement is true. Reserved Instances offer a significant discount over On-Demand Instance pricing, which can be up to 75% depending on the term and payment options. Moreover, when a Reserved Instance is specified for a particular Availability Zone, AWS reserves capacity for that instance, ensuring that the user can launch that instance when needed in the chosen Availability Zone. Other options like Spot Instances can offer even more significant savings but do not guarantee availability, while On-Demand Instances guarantee availability but at higher costs without upfront commitments.
A company requires detailed information on actions taken within their cloud environment, such as user actions and accesses, for compliance auditing. To address this need, which service should primarily be used to capture and record these interactions?
CloudTrail
Inspector
Security Hub
CloudWatch
The correct answer is AWS CloudTrail. It’s designed to capture and record all actions taken within an environment, like user accesses and API activities, which is crucial for auditing and compliance purposes. While Amazon CloudWatch provides monitoring and logging capabilities, it is not primarily used for recording API call history. AWS Security Hub focuses on security checks and consolidations of findings from various services but does not specifically track user actions or API calls. Amazon Inspector offers automated security assessment services and does not deal with logging and tracking of all interactions within an environment. Therefore, CloudTrail is the best fit for the requirement.
A company seeks a service that can collect and analyze security-related data across their cloud infrastructure to prioritize potential threats. Which service should they implement to achieve an overarching view and management of security alerts?
Security Hub
Inspector
Shield
CloudWatch
The service that fits this requirement is Security Hub because it integrates with various data sources, such as other security services and partner products, to provide a centralized view and management of security alerts and compliance status. It automatically aggregates and prioritizes findings to help focus on the highest risks. In contrast, Shield specializes in DDoS protection, Inspector offers automated vulnerability assessments for applications, and CloudWatch primarily provides monitoring for operational metrics rather than a comprehensive security analysis.
A company is looking to relocate a substantial amount of infrequently accessed data from their local data center to a cloud provider. The current internet connection is subpar, and secure, cost-efficient data transfer needs to be completed within a one-month period. Which migration strategy should they employ to meet these requirements?
Set up a dedicated network link directly between the local data center and the cloud environment.
Synchronize large datasets to a managed database service using built-in replication features.
Employ physical data transfer appliances to securely ship the data to the cloud storage service.
Initiate parallel data uploads using a fleet of virtual servers over the current internet link.
Using Snowball devices is the correct answer because this approach is designed for moving huge amounts of data without depending on the available bandwidth. It's particularly cost-effective for transferring data that spans terabytes to petabytes. Snowball also provides encryption, which secures the data during physical transit. This strategy is suitable for shifting infrequently accessed, large archival data when bandwidth is limited. In contrast, other options mentioned would either rely heavily on internet connectivity or are designed for more continuous data transfer needs rather than a one-off, bulk data migration.
A financial technology startup is looking to develop a new application that demands high scalability and instant responsiveness to financial events without the overhead of continuous server maintenance and capacity planning. Which service should the startup utilize to build its application back-end, focusing on coding business functionality while delegating the management of the compute resources to the service provider?
The containers-as-a-service offering that eliminates the need to provision, scale, and manage servers for containerized applications.
The event-driven, serverless computing platform which automatically manages the scaling and provisioning of compute resources.
The virtual server service that provides resizable compute capacity in the cloud.
The managed service for orchestration of containerized applications using the open-source Kubernetes system.
The correct choice is the service that allows developers to write and deploy code that executes in response to events, automatically handling the infrastructure management. This service is designed to handle sudden increases in usage, making it highly suitable for applications with unpredictable workloads. In contrast, the others mentioned are either compute instances requiring management, managed services for container orchestration, or containers as a service which do not offload the management of the orchestration layer.
Looks like thats it! You can go back and review your answers or click the button below to grade your test.
Join premium for unlimited access and more features