Practice Free CLF-C02 Exam Online Questions
Question #61
Which AWS service uses edge locations to cache content?
- A . Amazon Kinesis
- B . Amazon Simple Queue Service (Amazon SQS)
- C . Amazon CloudFront
- D . Amazon Route 53
Correct Answer: C
C
Explanation:
Amazon CloudFront is a content delivery network (CDN) that uses edge locations to cache content closer to users, reducing latency and improving performance. It supports the delivery of web content, such as videos and images, by caching copies at edge locations around the world. Amazon Kinesis, SQS, and Route 53 do not utilize edge locations for content caching.
C
Explanation:
Amazon CloudFront is a content delivery network (CDN) that uses edge locations to cache content closer to users, reducing latency and improving performance. It supports the delivery of web content, such as videos and images, by caching copies at edge locations around the world. Amazon Kinesis, SQS, and Route 53 do not utilize edge locations for content caching.
Question #62
A company is planning to migrate to the AWS Cloud. The company is conducting organizational transformation and wants to become more responsive to customer inquiries and feedback.
Which tasks should the company perform to meet these requirements, according to the AWS Cloud Adoption Framework (AWS CAF)? (Select TWO.)
- A . Realign teams to focus on products and value streams.
- B . Create new value propositions with new products and services.
- C . Use agile methods to rapidly iterate and evolve.
- D . Use a new data and analytics platform to create actionable insights.
- E . Migrate and modernize legacy infrastructure.
Correct Answer: E
E
Explanation:
Realigning teams to focus on products and value streams, and using agile methods to rapidly iterate and evolve are tasks that the company should perform to meet the requirements of becoming more responsive to customer inquiries and feedback, according to the AWS Cloud Adoption Framework (AWS CAF). AWS CAF organizes guidance into six areas of focus, called perspectives: business, people, governance, platform, security, and operations. Each perspective is divided into capabilities, which describe the skills and processes to execute the transition effectively. The people perspective helps you prepare your organization for cloud adoption, and includes capabilities such as organizational change management, staff skills and readiness, and organizational alignment. The business perspective helps you align IT strategy with business strategy, and includes capabilities such as business case development, value proposition, and product ownership. Creating new value propositions with new products and services is a task that belongs to the business perspective, but it is not directly related to the requirement of becoming more responsive to customer inquiries and feedback. Using a new data and analytics platform to create actionable insights is a task that belongs to the platform perspective, which helps you design, implement, and optimize the architecture of the AWS environment. However, it is also not directly related to the requirement of becoming more responsive to customer inquiries and feedback. Migrating and modernizing legacy infrastructure is a task that belongs to the operations perspective, which helps you enable, run, use, operate, and recover IT workloads to the level agreed upon with your business stakeholders. However, it is also not directly related to the requirement of becoming more responsive to customer inquiries and feedback.
E
Explanation:
Realigning teams to focus on products and value streams, and using agile methods to rapidly iterate and evolve are tasks that the company should perform to meet the requirements of becoming more responsive to customer inquiries and feedback, according to the AWS Cloud Adoption Framework (AWS CAF). AWS CAF organizes guidance into six areas of focus, called perspectives: business, people, governance, platform, security, and operations. Each perspective is divided into capabilities, which describe the skills and processes to execute the transition effectively. The people perspective helps you prepare your organization for cloud adoption, and includes capabilities such as organizational change management, staff skills and readiness, and organizational alignment. The business perspective helps you align IT strategy with business strategy, and includes capabilities such as business case development, value proposition, and product ownership. Creating new value propositions with new products and services is a task that belongs to the business perspective, but it is not directly related to the requirement of becoming more responsive to customer inquiries and feedback. Using a new data and analytics platform to create actionable insights is a task that belongs to the platform perspective, which helps you design, implement, and optimize the architecture of the AWS environment. However, it is also not directly related to the requirement of becoming more responsive to customer inquiries and feedback. Migrating and modernizing legacy infrastructure is a task that belongs to the operations perspective, which helps you enable, run, use, operate, and recover IT workloads to the level agreed upon with your business stakeholders. However, it is also not directly related to the requirement of becoming more responsive to customer inquiries and feedback.
35 1. A company is building an application on AWS. The application needs to comply with credit card regulatory requirements. The company needs proof that the AWS services and deployment are in compliance.
Which actions should the company take to meet these requirements? (Select TWO.)
Question #63
A company needs to migrate a PostgreSQL database from on-premises to Amazon RDS.
Which AWS service or tool should the company use to meet this requirement?
- A . Cloud Adoption Readiness Tool
- B . AWS Migration Hub
- C . AWS Database Migration Service (AWS DMS)
- D . AWS Application Migration Service
Correct Answer: C
C
Explanation:
AWS Database Migration Service (AWS DMS) is a managed and automated service that helps you migrate your databases from your on-premises or cloud environment to AWS, either as a one-time migration or as a continuous replication. AWS DMS supports migration between 20-plus database and analytics engines, such as PostgreSQL, Oracle, MySQL, SQL Server, MongoDB, Amazon Aurora, Amazon RDS, Amazon Redshift, and Amazon S3. AWS DMS also provides schema conversion and validation tools, as well as monitoring and security features. AWS DMS is a cost-effective and reliable solution for database migration, as you only pay for the compute resources and additional log storage used during the migration process, and you can minimize the downtime and data loss with Multi-AZ and ongoing replication12
To migrate a PostgreSQL database from on-premises to Amazon RDS using AWS DMS, you need to perform the following steps:
Create an AWS DMS replication instance in the same AWS Region as your target Amazon RDS PostgreSQL DB instance. The replication instance is a server that runs the AWS DMS replication software and connects to your source and target endpoints. You can choose the instance type, storage, and network settings based on your migration requirements3
Create a source endpoint that points to your on-premises PostgreSQL database. You need to provide the connection details, such as the server name, port, database name, user name, and password. You also need to specify the engine name as postgres and the SSL mode as required4
Create a target endpoint that points to your Amazon RDS PostgreSQL DB instance. You need to provide the connection details, such as the server name, port, database name, user name, and password. You also need to specify the engine name as postgres and the SSL mode as verify-full. Create a migration task that defines the migration settings and options, such as the replication instance, the source and target endpoints, the migration type (full load, full load and change data capture, or change data capture only), the table mappings, the task settings, and the task monitoring role. You can also use the AWS Schema Conversion Tool (AWS SCT) to convert your source schema to the target schema and apply it to the target endpoint before or after creating the migration task. Start the migration task and monitor its progress and status using the AWS DMS console, the AWS
CLI, or the AWS DMS API. You can also use AWS CloudFormation to automate the creation and execution of the migration task.
The other options are not suitable for migrating a PostgreSQL database from on-premises to Amazon RDS. Cloud Adoption Readiness Tool is a tool that helps you assess your readiness for cloud adoption based on six dimensions: business, people, process, platform, operations, and security. It does not perform any database migration tasks. AWS Migration Hub is a service that helps you track and manage the progress of your application migrations across multiple AWS and partner services, such as AWS DMS, AWS Application Migration Service, AWS Server Migration Service, and CloudEndure Migration. It does not perform any database migration tasks itself, but rather integrates with other migration services. AWS Application Migration Service is a service that helps you migrate your applications from your on-premises or cloud environment to AWS without making any changes to the applications, their architecture, or the migrated servers. It does not support database migration, but rather replicates your servers as Amazon Machine Images (AMIs) and launches them as EC2 instances on AWS.
References: AWS Database Migration Service, What is AWS Database Migration Service?, Working with an AWS DMS replication instance, Creating source and target endpoints for PostgreSQL, [Creating a target endpoint for Amazon RDS for PostgreSQL], [Creating a migration task for AWS DMS], [AWS Schema Conversion Tool], [Starting a migration task for AWS DMS], [AWS CloudFormation], [Cloud Adoption Readiness Tool], [AWS Migration Hub], [AWS Application Migration Service]
C
Explanation:
AWS Database Migration Service (AWS DMS) is a managed and automated service that helps you migrate your databases from your on-premises or cloud environment to AWS, either as a one-time migration or as a continuous replication. AWS DMS supports migration between 20-plus database and analytics engines, such as PostgreSQL, Oracle, MySQL, SQL Server, MongoDB, Amazon Aurora, Amazon RDS, Amazon Redshift, and Amazon S3. AWS DMS also provides schema conversion and validation tools, as well as monitoring and security features. AWS DMS is a cost-effective and reliable solution for database migration, as you only pay for the compute resources and additional log storage used during the migration process, and you can minimize the downtime and data loss with Multi-AZ and ongoing replication12
To migrate a PostgreSQL database from on-premises to Amazon RDS using AWS DMS, you need to perform the following steps:
Create an AWS DMS replication instance in the same AWS Region as your target Amazon RDS PostgreSQL DB instance. The replication instance is a server that runs the AWS DMS replication software and connects to your source and target endpoints. You can choose the instance type, storage, and network settings based on your migration requirements3
Create a source endpoint that points to your on-premises PostgreSQL database. You need to provide the connection details, such as the server name, port, database name, user name, and password. You also need to specify the engine name as postgres and the SSL mode as required4
Create a target endpoint that points to your Amazon RDS PostgreSQL DB instance. You need to provide the connection details, such as the server name, port, database name, user name, and password. You also need to specify the engine name as postgres and the SSL mode as verify-full. Create a migration task that defines the migration settings and options, such as the replication instance, the source and target endpoints, the migration type (full load, full load and change data capture, or change data capture only), the table mappings, the task settings, and the task monitoring role. You can also use the AWS Schema Conversion Tool (AWS SCT) to convert your source schema to the target schema and apply it to the target endpoint before or after creating the migration task. Start the migration task and monitor its progress and status using the AWS DMS console, the AWS
CLI, or the AWS DMS API. You can also use AWS CloudFormation to automate the creation and execution of the migration task.
The other options are not suitable for migrating a PostgreSQL database from on-premises to Amazon RDS. Cloud Adoption Readiness Tool is a tool that helps you assess your readiness for cloud adoption based on six dimensions: business, people, process, platform, operations, and security. It does not perform any database migration tasks. AWS Migration Hub is a service that helps you track and manage the progress of your application migrations across multiple AWS and partner services, such as AWS DMS, AWS Application Migration Service, AWS Server Migration Service, and CloudEndure Migration. It does not perform any database migration tasks itself, but rather integrates with other migration services. AWS Application Migration Service is a service that helps you migrate your applications from your on-premises or cloud environment to AWS without making any changes to the applications, their architecture, or the migrated servers. It does not support database migration, but rather replicates your servers as Amazon Machine Images (AMIs) and launches them as EC2 instances on AWS.
References: AWS Database Migration Service, What is AWS Database Migration Service?, Working with an AWS DMS replication instance, Creating source and target endpoints for PostgreSQL, [Creating a target endpoint for Amazon RDS for PostgreSQL], [Creating a migration task for AWS DMS], [AWS Schema Conversion Tool], [Starting a migration task for AWS DMS], [AWS CloudFormation], [Cloud Adoption Readiness Tool], [AWS Migration Hub], [AWS Application Migration Service]
Question #64
Which combination of AWS services can be used to move a commercial relational database to an Amazon-managed open-source database? (Select TWO.)
- A . AWS Database Migration Service (AWS DMS)
- B . AWS software development kits (SDKs)
- C . AWS Schema Conversion Tool
- D . AWS Systems Manager
- E . Amazon EMR
Correct Answer: A, C
A, C
Explanation:
AWS Database Migration Service (DMS) and AWS Schema Conversion Tool are the primary services for migrating a commercial relational database to an Amazon-managed open-source database. AWS DMS helps migrate the data, while the AWS Schema Conversion Tool converts the database schema from the source database format to the target format, including SQL code. AWS SDKs are for software development, AWS Systems Manager is for operational management, and Amazon EMR is for big data processing, which are not relevant to this use case.
A, C
Explanation:
AWS Database Migration Service (DMS) and AWS Schema Conversion Tool are the primary services for migrating a commercial relational database to an Amazon-managed open-source database. AWS DMS helps migrate the data, while the AWS Schema Conversion Tool converts the database schema from the source database format to the target format, including SQL code. AWS SDKs are for software development, AWS Systems Manager is for operational management, and Amazon EMR is for big data processing, which are not relevant to this use case.
Question #65
A company wants its Amazon EC2 instances to share the same geographic area but use redundant underlying power sources.
Which solution will meet these requirements?
- A . Use EC2 instances across multiple Availability Zones in the same AWS Region.
- B . Use Amazon CloudFront as the database for the EC2 instances.
- C . Use EC2 instances in the same edge location and the same Availability Zone.
- D . Use EC2 instances in AWS OpsWorks stacks in different AWS Regions.
Correct Answer: A
A
Explanation:
Using EC2 instances across multiple Availability Zones in the same AWS Region is a solution that meets the requirements of sharing the same geographic area but using redundant underlying power sources. Availability Zones are isolated locations within an AWS Region that have independent power, cooling, and physical security. They are connected through low-latency, high-throughput, and highly redundant networking. By launching EC2 instances in different Availability Zones, users can increase the fault tolerance and availability of their applications. Amazon CloudFront is a content delivery network (CDN) service that speeds up the delivery of web content and media to end users by caching it at the edge locations closer to them. It is not a database service and cannot be used to store operational data for EC2 instances. Edge locations are sites that are part of the Amazon CloudFront network and are located in many cities around the world. They are not the same as Availability Zones and do not provide redundancy for EC2 instances. AWS OpsWorks is a configuration management service that allows users to automate the deployment and management of applications using Chef or Puppet. It can be used to create stacks that span multiple AWS Regions, but this would not meet the requirement of sharing the same geographic area.
A
Explanation:
Using EC2 instances across multiple Availability Zones in the same AWS Region is a solution that meets the requirements of sharing the same geographic area but using redundant underlying power sources. Availability Zones are isolated locations within an AWS Region that have independent power, cooling, and physical security. They are connected through low-latency, high-throughput, and highly redundant networking. By launching EC2 instances in different Availability Zones, users can increase the fault tolerance and availability of their applications. Amazon CloudFront is a content delivery network (CDN) service that speeds up the delivery of web content and media to end users by caching it at the edge locations closer to them. It is not a database service and cannot be used to store operational data for EC2 instances. Edge locations are sites that are part of the Amazon CloudFront network and are located in many cities around the world. They are not the same as Availability Zones and do not provide redundancy for EC2 instances. AWS OpsWorks is a configuration management service that allows users to automate the deployment and management of applications using Chef or Puppet. It can be used to create stacks that span multiple AWS Regions, but this would not meet the requirement of sharing the same geographic area.
19 1. A company needs to design a solution for the efficient use of compute resources for an enterprise workload. The company needs to make informed decisions as its technology needs evolve .
Which pillar of the AWS Well-Architected Framework do these requirements represent?
Question #66
When a user wants to utilize their existing per-socket, per-core, or per-virtual machine software licenses for a Microsoft Windows server running on AWS, which Amazon EC2 instance type is required?
- A . Spot Instances
- B . Dedicated Instances
- C . Dedicated Hosts
- D . Reserved Instances
Correct Answer: C
C
Explanation:
The correct answer is C because Dedicated Hosts are Amazon EC2 instances that are required when a user wants to utilize their existing per-socket, per-core, or per-virtual machine software licenses for a Microsoft Windows server running on AWS. Dedicated Hosts are physical servers that are dedicated to a single customer. Dedicated Hosts allow customers to use their existing server-bound software licenses, such as Windows Server, SQL Server, and SUSE Linux Enterprise Server, subject to their license terms. The other options are incorrect because they are not Amazon EC2 instances that are required when a user wants to utilize their existing per-socket, per-core, or per-virtual machine software licenses for a Microsoft Windows server running on AWS. Spot Instances are spare Amazon EC2 instances that are available at up to 90% discount compared to On-Demand prices. Spot Instances are suitable for stateless, fault-tolerant, and flexible workloads that can recover from interruptions easily. Dedicated Instances are Amazon EC2 instances that run on hardware that is dedicated to a single customer, but not to a specific physical server. Dedicated Instances do not allow customers to use their existing server-bound software licenses. Reserved Instances are Amazon EC2 instances that are reserved for a specific period of time (one or three years) in exchange for a lower hourly rate. Reserved Instances are suitable for steady-state or predictable workloads that run for a long duration. Reserved Instances do not allow customers to use their existing server-bound software licenses.
Reference: Dedicated Hosts, Amazon EC2 Instance Purchasing Options
C
Explanation:
The correct answer is C because Dedicated Hosts are Amazon EC2 instances that are required when a user wants to utilize their existing per-socket, per-core, or per-virtual machine software licenses for a Microsoft Windows server running on AWS. Dedicated Hosts are physical servers that are dedicated to a single customer. Dedicated Hosts allow customers to use their existing server-bound software licenses, such as Windows Server, SQL Server, and SUSE Linux Enterprise Server, subject to their license terms. The other options are incorrect because they are not Amazon EC2 instances that are required when a user wants to utilize their existing per-socket, per-core, or per-virtual machine software licenses for a Microsoft Windows server running on AWS. Spot Instances are spare Amazon EC2 instances that are available at up to 90% discount compared to On-Demand prices. Spot Instances are suitable for stateless, fault-tolerant, and flexible workloads that can recover from interruptions easily. Dedicated Instances are Amazon EC2 instances that run on hardware that is dedicated to a single customer, but not to a specific physical server. Dedicated Instances do not allow customers to use their existing server-bound software licenses. Reserved Instances are Amazon EC2 instances that are reserved for a specific period of time (one or three years) in exchange for a lower hourly rate. Reserved Instances are suitable for steady-state or predictable workloads that run for a long duration. Reserved Instances do not allow customers to use their existing server-bound software licenses.
Reference: Dedicated Hosts, Amazon EC2 Instance Purchasing Options
Question #67
A company wants to deploy a web application as a containerized application. The company wants to use a managed service that can automatically create container images from source code and deploy the containerized application.
Which AWS service will meet these requirements?
- A . AWS Elastic Beanstalk
- B . Amazon Elastic Container Service (Amazon ECS)
- C . AWS App Runner
- D . Amazon EC2
Correct Answer: C
C
Explanation:
AWS App Runner is a fully managed service that makes it easy for developers to quickly deploy containerized web applications and APIs at scale. It can automatically build container images from source code or directly from a container registry, and then deploy the application without requiring deep container knowledge or expertise.
AWS App Runner meets the requirements of:
Automatically creating container images from source code.
Managing the deployment of the containerized application with minimal operational overhead.
Why other options are not suitable:
C
Explanation:
AWS App Runner is a fully managed service that makes it easy for developers to quickly deploy containerized web applications and APIs at scale. It can automatically build container images from source code or directly from a container registry, and then deploy the application without requiring deep container knowledge or expertise.
AWS App Runner meets the requirements of:
Automatically creating container images from source code.
Managing the deployment of the containerized application with minimal operational overhead.
Why other options are not suitable:
Question #68
Which of the following is a characteristic of the AWS account root user?
- A . The root user is the only user that can be configured with multi-factor authentication (MFA).
- B . The root user is the only user that can access the AWS Management Console.
- C . The root user is the first sign-in identity that is available when an AWS account is created.
- D . The root user has a password that cannot be changed.
Correct Answer: C
C
Explanation:
The AWS account root user is the first sign-in identity that is available when an AWS account is created. It has complete access to all AWS services and resources in the account. The root user email address and password are the same credentials that are used to sign in to the AWS Management Console4. The root user should be used only to perform a few account and service management tasks. For day-to-day tasks, it is recommended to use AWS Identity and Access Management (IAM) users or roles instead.
C
Explanation:
The AWS account root user is the first sign-in identity that is available when an AWS account is created. It has complete access to all AWS services and resources in the account. The root user email address and password are the same credentials that are used to sign in to the AWS Management Console4. The root user should be used only to perform a few account and service management tasks. For day-to-day tasks, it is recommended to use AWS Identity and Access Management (IAM) users or roles instead.
Question #69
A company needs a firewall that will control network connections to and from a single Amazon EC2 instance. This firewall will not control network connections to and from other instances that are in the same subnet.
Which AWS service or feature can the company use to meet these requirements?
- A . Network ACL
- B . AWS WAF
- C . Route table
- D . Security group
Correct Answer: D
D
Explanation:
A Security Group acts as a virtual firewall for your Amazon EC2 instances to control inbound and outbound traffic. It provides granular control over network connections to and from a specific EC2
instance or set of instances. Unlike Network ACLs, which operate at the subnet level, Security Groups operate at the instance level, allowing control over network traffic for individual instances.
D
Explanation:
A Security Group acts as a virtual firewall for your Amazon EC2 instances to control inbound and outbound traffic. It provides granular control over network connections to and from a specific EC2
instance or set of instances. Unlike Network ACLs, which operate at the subnet level, Security Groups operate at the instance level, allowing control over network traffic for individual instances.
Question #70
Which AWS service can provide a dedicated network connection with consistent low latency from on premises to the AWS Cloud?
- A . Amazon VPC
- B . Amazon Kinesis Data Streams
- C . AWS Direct Connect
- D . Amazon OpenSearch Service
Correct Answer: C
C
Explanation:
AWS Direct Connect is a service that provides a dedicated network connection from on premises to the AWS Cloud. It can reduce network costs, increase bandwidth throughput, and provide a more consistent network experience than internet-based connections. It can also provide low latency for applications that require real-time data transfer4. Amazon VPC is a service that provides a logically isolated section of the AWS Cloud where users can launch AWS resources in a virtual network that they define. Amazon Kinesis Data Streams is a service that provides a scalable and durable stream of data records for real-time data processing. Amazon OpenSearch Service is a service that provides a fully managed, scalable, and secure search and analytics solution that is compatible with Elasticsearch.
C
Explanation:
AWS Direct Connect is a service that provides a dedicated network connection from on premises to the AWS Cloud. It can reduce network costs, increase bandwidth throughput, and provide a more consistent network experience than internet-based connections. It can also provide low latency for applications that require real-time data transfer4. Amazon VPC is a service that provides a logically isolated section of the AWS Cloud where users can launch AWS resources in a virtual network that they define. Amazon Kinesis Data Streams is a service that provides a scalable and durable stream of data records for real-time data processing. Amazon OpenSearch Service is a service that provides a fully managed, scalable, and secure search and analytics solution that is compatible with Elasticsearch.