Practice Free CLF-C02 Exam Online Questions
Question #151
A company wants to migrate its database to a managed AWS service that is compatible with PostgreSQL.
Which AWS services will meet these requirements? (Select TWO)
- A . Amazon Athena
- B . Amazon RDS
- C . Amazon EC2
- D . Amazon DynamoDB
- E . Amazon Aurora
Correct Answer: BE
BE
Explanation:
Amazon RDS and Amazon Aurora are both managed AWS services that support the PostgreSQL database engine. Amazon RDS makes it easier to set up, operate, and scale PostgreSQL deployments on the cloud, while Amazon Aurora is a cloud-native database engine that is compatible with PostgreSQL and offers higher performance and availability. Amazon Athena is a serverless query service that does not support PostgreSQL, but can analyze data in Amazon S3 using standard SQL. Amazon EC2 is a compute service that allows users to launch virtual machines, but does not provide any database management features. Amazon DynamoDB is a NoSQL database service that is not compatible with PostgreSQL, but offers fast and consistent performance at any scale.
References: Hosted PostgreSQL – Amazon RDS for PostgreSQL – AWS, Amazon RDS for PostgreSQL – Amazon Relational Database Service, AWS PostgreSQL: Managed or Self-Managed? – NetApp, AWS Announces Amazon Aurora Supports PostgreSQL 12 – InfoQ, Amazon Aurora vs PostgreSQL | What are the differences? – StackShare
BE
Explanation:
Amazon RDS and Amazon Aurora are both managed AWS services that support the PostgreSQL database engine. Amazon RDS makes it easier to set up, operate, and scale PostgreSQL deployments on the cloud, while Amazon Aurora is a cloud-native database engine that is compatible with PostgreSQL and offers higher performance and availability. Amazon Athena is a serverless query service that does not support PostgreSQL, but can analyze data in Amazon S3 using standard SQL. Amazon EC2 is a compute service that allows users to launch virtual machines, but does not provide any database management features. Amazon DynamoDB is a NoSQL database service that is not compatible with PostgreSQL, but offers fast and consistent performance at any scale.
References: Hosted PostgreSQL – Amazon RDS for PostgreSQL – AWS, Amazon RDS for PostgreSQL – Amazon Relational Database Service, AWS PostgreSQL: Managed or Self-Managed? – NetApp, AWS Announces Amazon Aurora Supports PostgreSQL 12 – InfoQ, Amazon Aurora vs PostgreSQL | What are the differences? – StackShare
Question #152
Which AWS service or tool provides users with a graphical interface that they can use to manage AWS services?
- A . AWS Copilot
- B . AWS CLI
- C . AWS Management Console
- D . AWS software development kits (SDKs)
Correct Answer: C
C
Explanation:
The AWS Management Console provides a web-based graphical user interface (GUI) that allows users to manage AWS services. It is user-friendly and accessible, enabling users to control and configure resources without needing to interact with AWS through code or command-line interfaces. AWS CLI and SDKs are command-line and programming tools, respectively, and do not offer a graphical interface.
C
Explanation:
The AWS Management Console provides a web-based graphical user interface (GUI) that allows users to manage AWS services. It is user-friendly and accessible, enabling users to control and configure resources without needing to interact with AWS through code or command-line interfaces. AWS CLI and SDKs are command-line and programming tools, respectively, and do not offer a graphical interface.
Question #153
A company wants to ensure that all of its Amazon EC2 instances have compliant operating system patches.
Which AWS service will meet these requirements?
- A . AWS Compute Optimizer
- B . AWS Elastic Beanstalk
- C . AWS AppSync
- D . AWS Systems Manager
Correct Answer: D
D
Explanation:
AWS Systems Manager gives you visibility and control of your infrastructure on AWS. Systems Manager provides a unified user interface so you can view operational data from multiple AWS services and allows you to automate operational tasks across your AWS resources. You can use Systems Manager to apply OS patches, create system images, configure Windows and Linux operating systems, and execute PowerShell commands5. Systems Manager can help you ensure that all of your Amazon EC2 instances have compliant operating system patches by using the Patch Manager feature.
D
Explanation:
AWS Systems Manager gives you visibility and control of your infrastructure on AWS. Systems Manager provides a unified user interface so you can view operational data from multiple AWS services and allows you to automate operational tasks across your AWS resources. You can use Systems Manager to apply OS patches, create system images, configure Windows and Linux operating systems, and execute PowerShell commands5. Systems Manager can help you ensure that all of your Amazon EC2 instances have compliant operating system patches by using the Patch Manager feature.
39 1. Which task must a user perform by using the AWS account root user credentials?
Question #154
Which of the following is a pillar of the AWS Well-Architected Framework?
- A . Redundancy
- B . Operational excellence
- C . Availability
- D . Multi-Region
Correct Answer: B
B
Explanation:
The AWS Well-Architected Framework helps cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications and workloads. Based on five pillars ― operational excellence, security, reliability, performance efficiency, and cost optimization ― the Framework provides a consistent approach for customers and partners to evaluate architectures, and implement designs that can scale over time. Operational excellence is one of the pillars of the Framework, and it focuses on running and monitoring systems to deliver business value, and continually improving processes and procedures.
B
Explanation:
The AWS Well-Architected Framework helps cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications and workloads. Based on five pillars ― operational excellence, security, reliability, performance efficiency, and cost optimization ― the Framework provides a consistent approach for customers and partners to evaluate architectures, and implement designs that can scale over time. Operational excellence is one of the pillars of the Framework, and it focuses on running and monitoring systems to deliver business value, and continually improving processes and procedures.
Question #155
An ecommerce company has deployed a new web application on Amazon EC2 Instances. The company wants to distribute incoming HTTP traffic evenly across all running instances .
Which AWS service or resource will meet this requirement?
- A . Amazon EC2 Auto Scaling
- B . Application Load Balancer
- C . Gateway Load Balancer
- D . Network Load Balancer
Correct Answer: B
B
Explanation:
An Application Load Balancer (ALB) is the best choice for distributing incoming HTTP/HTTPS traffic evenly across multiple Amazon EC2 instances. It operates at the application layer (Layer 7 of the OSI model) and is specifically designed to handle HTTP and HTTPS traffic, which is ideal for web applications.
Here is why the ALB is the correct choice:
Layer 7 Load Balancing: The ALB works at the application layer and provides advanced routing capabilities based on content. It can inspect the incoming HTTP requests and make decisions on how to route traffic to various backend targets, which include Amazon EC2 instances, containers, or Lambda functions. This is particularly useful for web applications where you need to make routing
decisions based on HTTP headers, paths, or query strings.
HTTP and HTTPS Support: The ALB natively supports HTTP and HTTPS protocols, making it the ideal load balancer for web-based applications. It can efficiently manage and route these types of traffic and handle tasks such as SSL/TLS termination.
Health Checks: The ALB can continuously monitor the health of the registered EC2 instances and only route traffic to healthy instances. This ensures high availability and reliability of the web application. Path-based and Host-based Routing: The ALB can route traffic based on the URL path or host header. This feature allows the same load balancer to serve multiple applications hosted on different domains or subdomains.
Integration with Auto Scaling: The ALB can integrate seamlessly with Amazon EC2 Auto Scaling. As the number of EC2 instances increases or decreases, the ALB automatically includes the new instances in its traffic distribution pool, ensuring even distribution of incoming requests. WebSocket Support: It also supports WebSocket and HTTP/2 protocols, which are essential for modern web applications that require real-time, bidirectional communication .
Why other options are not suitable:
B
Explanation:
An Application Load Balancer (ALB) is the best choice for distributing incoming HTTP/HTTPS traffic evenly across multiple Amazon EC2 instances. It operates at the application layer (Layer 7 of the OSI model) and is specifically designed to handle HTTP and HTTPS traffic, which is ideal for web applications.
Here is why the ALB is the correct choice:
Layer 7 Load Balancing: The ALB works at the application layer and provides advanced routing capabilities based on content. It can inspect the incoming HTTP requests and make decisions on how to route traffic to various backend targets, which include Amazon EC2 instances, containers, or Lambda functions. This is particularly useful for web applications where you need to make routing
decisions based on HTTP headers, paths, or query strings.
HTTP and HTTPS Support: The ALB natively supports HTTP and HTTPS protocols, making it the ideal load balancer for web-based applications. It can efficiently manage and route these types of traffic and handle tasks such as SSL/TLS termination.
Health Checks: The ALB can continuously monitor the health of the registered EC2 instances and only route traffic to healthy instances. This ensures high availability and reliability of the web application. Path-based and Host-based Routing: The ALB can route traffic based on the URL path or host header. This feature allows the same load balancer to serve multiple applications hosted on different domains or subdomains.
Integration with Auto Scaling: The ALB can integrate seamlessly with Amazon EC2 Auto Scaling. As the number of EC2 instances increases or decreases, the ALB automatically includes the new instances in its traffic distribution pool, ensuring even distribution of incoming requests. WebSocket Support: It also supports WebSocket and HTTP/2 protocols, which are essential for modern web applications that require real-time, bidirectional communication .
Why other options are not suitable:
Question #156
A user wants to allow applications running on an Amazon EC2 instance to make calls to other AWS services. The access granted must be secure .
Which AWS service or feature should be used?
- A . Security groups
- B . AWS Firewall Manager
- C . IAM roles
- D . IAM user SSH keys
Correct Answer: C
C
Explanation:
IAM roles are a secure way to grant permissions to applications running on an Amazon EC2 instance to make calls to other AWS services. IAM roles are entities that have specific permissions policies attached to them. You can create an IAM role and associate it with an EC2 instance when you launch it or later. The applications on the instance can then use the temporary credentials provided by the role to access AWS resources that the role allows. This way, you do not have to store any long-term credentials or access keys on the instance, which reduces the risk of compromise or misuse12.
The other options are not correct, because:
Security groups are virtual firewalls that control the inbound and outbound traffic for your EC2 instances. Security groups do not grant permissions to access other AWS services, but rather filter the network traffic based on rules that you define3.
AWS Firewall Manager is a service that helps you centrally configure and manage firewall rules across your accounts and resources. AWS Firewall Manager works with AWS WAF, AWS Shield Advanced, and Amazon VPC security groups. AWS Firewall Manager does not grant permissions to access other AWS services, but rather helps you enforce consistent security policies across your AWS infrastructure4.
IAM user SSH keys are credentials that allow you to connect to your EC2 instance using SSH. SSH keys
do not grant permissions to access other AWS services, but rather authenticate your identity when
you log in to your instance5.
References:
Using an IAM role to grant permissions to applications running on Amazon EC2 instances – AWS Identity and Access Management
IAM roles for Amazon EC2 – Amazon Elastic Compute Cloud Security groups for your VPC – Amazon Virtual Private Cloud
What is AWS Firewall Manager? – AWS Firewall Manager
Connecting to your Linux instance using SSH – Amazon Elastic Compute Cloud
C
Explanation:
IAM roles are a secure way to grant permissions to applications running on an Amazon EC2 instance to make calls to other AWS services. IAM roles are entities that have specific permissions policies attached to them. You can create an IAM role and associate it with an EC2 instance when you launch it or later. The applications on the instance can then use the temporary credentials provided by the role to access AWS resources that the role allows. This way, you do not have to store any long-term credentials or access keys on the instance, which reduces the risk of compromise or misuse12.
The other options are not correct, because:
Security groups are virtual firewalls that control the inbound and outbound traffic for your EC2 instances. Security groups do not grant permissions to access other AWS services, but rather filter the network traffic based on rules that you define3.
AWS Firewall Manager is a service that helps you centrally configure and manage firewall rules across your accounts and resources. AWS Firewall Manager works with AWS WAF, AWS Shield Advanced, and Amazon VPC security groups. AWS Firewall Manager does not grant permissions to access other AWS services, but rather helps you enforce consistent security policies across your AWS infrastructure4.
IAM user SSH keys are credentials that allow you to connect to your EC2 instance using SSH. SSH keys
do not grant permissions to access other AWS services, but rather authenticate your identity when
you log in to your instance5.
References:
Using an IAM role to grant permissions to applications running on Amazon EC2 instances – AWS Identity and Access Management
IAM roles for Amazon EC2 – Amazon Elastic Compute Cloud Security groups for your VPC – Amazon Virtual Private Cloud
What is AWS Firewall Manager? – AWS Firewall Manager
Connecting to your Linux instance using SSH – Amazon Elastic Compute Cloud
Question #157
Which AWS service enables companies to deploy an application dose to end users?
- A . Amazon CloudFront
- B . AWS Auto Scaling
- C . AWS AppSync
- D . Amazon Route S3
Correct Answer: A
A
Explanation:
Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment. CloudFront enables companies to deploy an application close to end users by caching the application’s content at edge locations that are geographically closer to the users. This reduces the network latency and improves the user experience. CloudFront also integrates with other AWS services, such as Amazon S3, Amazon EC2, AWS Lambda, AWS Shield, and AWS WAF, to provide a secure and scalable solution for delivering applications12.
References: What Is Amazon CloudFront? – Amazon CloudFront
Amazon CloudFront Features – Amazon CloudFront
A
Explanation:
Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment. CloudFront enables companies to deploy an application close to end users by caching the application’s content at edge locations that are geographically closer to the users. This reduces the network latency and improves the user experience. CloudFront also integrates with other AWS services, such as Amazon S3, Amazon EC2, AWS Lambda, AWS Shield, and AWS WAF, to provide a secure and scalable solution for delivering applications12.
References: What Is Amazon CloudFront? – Amazon CloudFront
Amazon CloudFront Features – Amazon CloudFront
Question #158
A company has created an AWS Cost and Usage Report and wants to visualize the report.
Which AWS service should the company use to ingest and display this information?
- A . Amazon QuickSight
- B . Amazon Pinpoint
- C . Amazon Neptune
- D . Amazon Kinesis
Correct Answer: A
A
Explanation:
Amazon QuickSight is an AWS service that provides business intelligence and data visualization capabilities. Amazon QuickSight enables you to ingest, analyze, and display data from various sources, such as AWS Cost and Usage Reports, Amazon S3, Amazon Athena, Amazon Redshift, and Amazon RDS. You can use Amazon QuickSight to create interactive dashboards and charts that show insights and trends from your data. You can also share your dashboards and charts with other users or embed them into your applications.
A
Explanation:
Amazon QuickSight is an AWS service that provides business intelligence and data visualization capabilities. Amazon QuickSight enables you to ingest, analyze, and display data from various sources, such as AWS Cost and Usage Reports, Amazon S3, Amazon Athena, Amazon Redshift, and Amazon RDS. You can use Amazon QuickSight to create interactive dashboards and charts that show insights and trends from your data. You can also share your dashboards and charts with other users or embed them into your applications.
Question #159
Which AWS service uses AWS Compute Optimizer to provide sizing recommendations based on workload metrics?
- A . Amazon EC2
- B . Amazon RDS
- C . Amazon Lightsail
- D . AWS Step Functions
Correct Answer: A
A
Explanation:
Amazon EC2 is a web service that provides secure, resizable compute capacity in the cloud. It allows you to launch virtual servers, called instances, with different configurations of CPU, memory, storage, and networking resources. AWS Compute Optimizer analyzes the specifications and utilization metrics of your Amazon EC2 instances and generates recommendations for optimal instance types that can reduce costs and improve performance. You can view the recommendations on the AWS Compute Optimizer console or the Amazon EC2 console12.
Amazon RDS, Amazon Lightsail, and AWS Step Functions are not supported by AWS Compute Optimizer. Amazon RDS is a managed relational database service that lets you set up, operate, and scale a relational database in the cloud. Amazon Lightsail is an easy-to-use cloud platform that offers everything you need to build an application or website, plus a cost-effective, monthly plan. AWS Step Functions lets you coordinate multiple AWS services into serverless workflows so you can build and update apps quickly3.
A
Explanation:
Amazon EC2 is a web service that provides secure, resizable compute capacity in the cloud. It allows you to launch virtual servers, called instances, with different configurations of CPU, memory, storage, and networking resources. AWS Compute Optimizer analyzes the specifications and utilization metrics of your Amazon EC2 instances and generates recommendations for optimal instance types that can reduce costs and improve performance. You can view the recommendations on the AWS Compute Optimizer console or the Amazon EC2 console12.
Amazon RDS, Amazon Lightsail, and AWS Step Functions are not supported by AWS Compute Optimizer. Amazon RDS is a managed relational database service that lets you set up, operate, and scale a relational database in the cloud. Amazon Lightsail is an easy-to-use cloud platform that offers everything you need to build an application or website, plus a cost-effective, monthly plan. AWS Step Functions lets you coordinate multiple AWS services into serverless workflows so you can build and update apps quickly3.
Question #160
A company moves its infrastructure from on premises to the AWS Cloud. The company can now provision additional Amazon EC2 instances whenever the instances are required. With this ability, the company can launch new marketing campaigns in 3 days instead of 3 weeks .
Which benefit of the AWS Cloud does this scenario demonstrate?
- A . Cost savings
- B . Improved operational resilience
- C . Increased business agility
- D . Enhanced security
Correct Answer: C
C
Explanation:
Increased business agility is the benefit of the AWS Cloud that this scenario demonstrates. Business agility refers to the ability of a company to adapt to changing customer needs, market conditions, and competitive pressures. Moving to the AWS Cloud enables business agility by providing faster access to resources, lower upfront costs, and greater scalability and flexibility. By using the AWS Cloud, the company can launch new marketing campaigns in 3 days instead of 3 weeks, which shows that it can respond to customer feedback more quickly and efficiently. For more information, see Benefits of Cloud Computing and [Business Agility].
C
Explanation:
Increased business agility is the benefit of the AWS Cloud that this scenario demonstrates. Business agility refers to the ability of a company to adapt to changing customer needs, market conditions, and competitive pressures. Moving to the AWS Cloud enables business agility by providing faster access to resources, lower upfront costs, and greater scalability and flexibility. By using the AWS Cloud, the company can launch new marketing campaigns in 3 days instead of 3 weeks, which shows that it can respond to customer feedback more quickly and efficiently. For more information, see Benefits of Cloud Computing and [Business Agility].