AWS Certified Cloud Practitioner CLF-C01 Exam Question 201-240


Question 1. Which principles are used to architect applications for reliability on the AWS Cloud? (Choose two.)

A. Design for automated failure recovery
B. Use multiple Availability Zones
C. Manage changes via documented processes
D. Test for moderate demand to ensure reliability
E. Backup recovery to an on-premises environment

Question 2. What tasks should a customer perform when that customer suspects an AWS account has been compromised? (Choose two.)

A. Rotate passwords and access keys.
B. Remove MFA tokens.
C. Move resources to a different AWS Region.
D. Delete AWS CloudTrail Resources.
E. Contact AWS Support.

Question 3. What is an example of high availability in the AWS Cloud?

A. Consulting AWS technical support at any time day or night
B. Ensuring an application remains accessible, even if a resource fails
C. Making any AWS service available for use by paying on demand
D. Deploying in any part of the world using AWS Regions

Question 4. Which AWS security service protects applications from distributed denial of service attacks with always-on detection and automatic inline mitigations?

A. Amazon Inspector
B. AWS Web Application Firewall (AWS WAF)
C. Elastic Load Balancing (ELB)
D. AWS Shield

Question 5. A company wants to monitor the CPU usage of its Amazon EC2 resources.
Which AWS service should the company use?

A. AWS CloudTrail
B. Amazon CloudWatch
C. AWS Cost and Usage report
D. Amazon Simple Notification Service (Amazon SNS)

Question 6. What is an AWS Identity and Access Management (IAM) role?

A. A user associated with an AWS resource
B. A group associated with an AWS resource
C. An entity that defines a set of permissions for use with an AWS resource
D. An authentication credential associated with a multi-factor authentication (MFA) token

Question 7. What are the advantages of Reserved Instances? (Choose two.)

A. They provide a discount over on-demand pricing.
B. They provide access to additional instance types.
C. They provide additional networking capability.
D. Customers can upgrade instances as new types become available.
E. Customers can reserve capacity in an Availability Zone.

Question 8. How do Amazon EC2 Auto Scaling groups help achieve high availability for a web application?

A. They automatically add more instances across multiple AWS Regions based on global demand of the application.
B. They automatically add or replace instances across multiple Availability Zones when the application needs it.
C. They enable the application’s static content to reside closer to end users.
D. They are able to distribute incoming requests across a tier of web server instances.

Question 9. How can one AWS account use Reserved Instances from another AWS account?

A. By using Amazon EC2 Dedicated Instances
B. By using AWS Organizations consolidated billing
C. By using the AWS Cost Explorer tool
D. By using AWS Budgets

Question 10. A customer runs an On-Demand Amazon Linux EC2 instance for 3 hours, 5 minutes, and 6 seconds.
For how much time will the customer be billed?

A. 3 hours, 5 minutes
B. 3 hours, 5 minutes, and 6 seconds
C. 3 hours, 6 minutes
D. 4 hours

Question 11. Which of the following AWS services provide compute resources? (Choose two.)

A. AWS Lambda
B. Amazon Elastic Container Service (Amazon ECS)
C. AWS CodeDeploy
D. Amazon Glacier
E. AWS Organizations

Question 12. Which AWS service enables users to deploy infrastructure as code by automating the process of provisioning resources?

A. Amazon GameLift
B. AWS CloudFormation
C. AWS Data Pipeline
D. AWS Glue

Question 13. Which AWS services provide a way to extend an on-premises architecture to the AWS Cloud? (Choose two.)

A. Amazon EBS
B. AWS Direct Connect
C. Amazon CloudFront
D. AWS Storage Gateway
E. Amazon Connect

Question 14. Which of the following allows users to provision a dedicated network connection from their internal network to AWS?

B. AWS Direct Connect
D. Amazon Connect

Question 15. Which services use AWS edge locations? (Choose two.)

A. Amazon CloudFront
B. AWS Shield
C. Amazon EC2
D. Amazon RDS
E. Amazon ElastiCache
16. Which service would provide network connectivity in a hybrid architecture that includes the AWS Cloud?

A. Amazon VPC
B. AWS Direct Connect
C. AWS Directory Service
D. Amazon API Gateway

Question 17. Which tool can be used to compare the costs of running a web application in a traditional hosting environment to running it on AWS?

A. AWS Cost Explorer
B. AWS Budgets
C. AWS Cost and Usage report
D. AWS Total Cost of Ownership (TCO) Calculator

Question 18. What is the value of using third-party software from AWS Marketplace instead of installing third-party software on Amazon EC2? (Choose two.)

A. Users pay for software by the hour or month depending on licensing.
B. AWS Marketplace enables the user to launch applications with 1-Click.
C. AWS Marketplace data encryption is managed by a third-party vendor.
D. AWS Marketplace eliminates the need to upgrade to newer software versions.
E. Users can deploy third-party software without testing.

Question 19. Which of the following is a cloud architectural design principle?

A. Scale up, not out.
B. Loosely couple components.
C. Build monolithic systems.
D. Use commercial database software.

Question 20. Under the shared responsibility model; which of the following areas are the customer’s responsibility? (Choose two.)

A. Firmware upgrades of network infrastructure
B. Patching of operating systems
C. Patching of the underlying hypervisor
D. Physical security of data centers
E. Configuration of the security group

Question 21. Which service enables customers to audit and monitor changes in AWS resources?

A. AWS Trusted Advisor
B. Amazon GuardDuty
C. Amazon Inspector
D. AWS Config

Question 22. Which AWS service identifies security groups that allow unrestricted access to a user’s AWS resources?

A. AWS CloudTrail
B. AWS Trusted Advisor
C. Amazon CloudWatch
D. Amazon Inspector

Question 23. According to the AWS shared responsibility model, who is responsible for configuration management?

A. It is solely the responsibility of the customer.
B. It is solely the responsibility of AWS.
C. It is shared between AWS and the customer.
D. It is not part of the AWS shared responsibility model.

Question 24. Which AWS service is a content delivery network that securely delivers data, video, and applications to users globally with low latency and high speeds?

A. AWS CloudFormation
B. AWS Direct Connect
C. Amazon CloudFront
D. Amazon Pinpoint

Question 25. Which benefit of the AWS Cloud supports matching the supply of resources with changing workload demands?

A. Security
B. Reliability
C. Elasticity
D. High availability

Question 26. A user is running an application on AWS and notices that one or more AWS-owned IP addresses is involved in a distributed denial-of-service (DDoS) attack. Who should the user contact FIRST about this situation?

A. AWS Premium Support
B. AWS Technical Account Manager
C. AWS Solutions Architect
D. AWS Abuse team

Question 27. Which of the following are benefits of hosting infrastructure in the AWS Cloud? (Choose two.)

A. There are no upfront commitments.
B. AWS manages all security in the cloud.
C. Users have the ability to provision resources on demand.
D. Users have access to free and unlimited storage.
E. Users have control over the physical infrastructure.

Question 28. What AWS service would be used to centrally manage AWS access policies across multiple accounts?

A. AWS Service Catalog
B. AWS Config
C. AWS Trusted Advisor
D. AWS Organizations

Question 29. What is AWS Trusted Advisor?

A. It is an AWS staff member who provides recommendations and best practices on how to use AWS.
B. It is a network of AWS partners who provide recommendations and best practices on how to use AWS.
C. It is an online tool with a set of automated checks that provides recommendations on cost optimization, performance, and security.
D. It is another name for AWS Technical Account Managers who provide recommendations on cost optimization, performance, and security.

Question 30. Which AWS service or feature allows a company to visualize, understand, and manage AWS costs and usage over time?

A. AWS Budgets
B. AWS Cost Explorer
C. AWS Organizations
D. Consolidated billing

Question 31. Which AWS service offers on-demand access to AWS security and compliance reports?

A. AWS CloudTrail
B. AWS Artifact
C. AWS Health
D. Amazon CloudWatch

Question 32. Which AWS services can host a Microsoft SQL Server database? (Select TWO.)

A. Amazon EC2
B. Amazon Relational Database Service (Amazon RDS)
C. Amazon Aurora
D. Amazon Redshift
E. Amazon S3

Question 33. Which AWS characteristics make AWS cost effective for a workload with dynamic user demand? (Select TWO.)

A. High availability
B. Shared security model
C. Elasticity
D. Pay-as-you-go pricing
E. Reliability

Question 34. Which of the following are characteristics of Amazon S3? (Select TWO.)

A. A global file system
B. An object store
C. A local file store
D. A network file system
E. A durable storage system

Question 35. Which services can be used across hybrid AWS Cloud architectures? (Select TWO.)

A. Amazon Route 53
B. Virtual Private Gateway
C. Classic Load Balancer
D. Auto Scaling
E. Amazon CloudWatch default metrics

Question 36. Which AWS tools assist with estimating costs? (Select three.)

A. Detailed billing report
B. Cost allocation tags
C. AWS Simple Monthly Calculator
D. AWS Total Cost of Ownership (TCO) Calculator
E. Cost Estimator

Question 37. AWS supports which of the following methods to add security to Identity and Access Management (IAM) users? (Select TWO.)

A. Implementing Amazon Rekognition
B. Using AWS Shield-protected resources
C. Blocking access with Security Groups
D. Using Multi-Factor Authentication (MFA)
E. Enforcing password strength and expiration

Question 38. Which AWS services should be used for read/write of constantly changing data? (Select TWO.)

A. Amazon Glacier
B. Amazon RDS
C. AWS Snowball
D. Amazon Redshift
E. Amazon EFS

Question 39. Which of the following are features of Amazon CloudWatch Logs? (Select TWO.)

A. Summaries by Amazon Simple Notification Service (Amazon SNS)
B. Free Amazon Elasticsearch Service analytics
C. Provided at no charge
D. Real-time monitoring
E. Adjustable retention

Question 40. Which of the following are valid ways for a customer to interact with AWS services? (Select TWO.)

A. Command line interface
B. On-premises
C. Software Development Kits
D. Software-as-a-service
E. Hybrid