Amazon CLF-C02 Exam Practice Test Instant Access

Question 1

Which task can an IAM user perform without AWS account root user credentials?

AChange to a different AWS Support plan.

BClose an AWS account.

CView the AWS Billing console.

DActivate access to the AWS Billing console.

Answer : C

IAM Users and Billing Permissions:

IAM users with appropriate permissions can access and view the AWS Billing console.

The root user is required only for certain account-level tasks, such as changing support plans or closing accounts.

Why Other Options Are Incorrect:

A . Change to a different AWS Support plan: Requires root user credentials.

B . Close an AWS account: Requires root user credentials.

D . Activate access to the AWS Billing console: Requires root user credentials.

Controlling Access to the Billing Console

Question 2

Which design principle is related to the reliability pillar according to the AWS Well-Architected Framework?

ATest recovery procedures

BExperiment more often

CGo global in minutes

DAnalyze and attribute to expenditure

Answer : A

The reliability pillar of the AWS Well-Architected Framework includes the principle of testing recovery procedures to ensure systems can effectively recover from failures. Regular testing of recovery processes helps verify that systems are resilient and can handle potential disruptions. The other options align with different pillars like cost optimization and operational excellence.

Question 3

A company has a client that uses an Amazon RDS database. The client requests Information about operating system-level upgrades on the AWS resources that host the RDS database. The company employs a third-party provider to monitor the RDS database.

Who is responsible for upgrading the operating systems for Amazon RDS under the AWS shared responsibility model?

AThe client

BThe company

CAWS

DThe third-party provider

Answer : C

Under the AWS shared responsibility model, AWS is responsible for managing the underlying infrastructure, including operating system-level updates on managed services like Amazon RDS. Customers are responsible for managing the database instance and configurations, but AWS handles OS updates for the infrastructure supporting RDS.

Question 4

A company wants to use AWS. The company has stringent requirements about low-latency access to on-premises systems and data residency.

Which AWS service should the company use to design a solution that meets these requirements?

AAWS Wavelength

BAWS Transit Gateway

CAWS Ground Station

DAWS Outposts

Answer : D

AWS Outposts extend AWS infrastructure and services to on-premises locations, providing low-latency access to AWS resources and ensuring data residency. This service is suitable for hybrid environments that require the same AWS services and infrastructure to be available locally. Wavelength, Transit Gateway, and Ground Station do not specifically address low-latency access to on-premises resources or data residency.

Question 5

A company wants to log in securely to Linux Amazon EC2 instances.

How can the company accomplish this goal?

AUse SSH keys.

BUse a VPN.

CUse end-to-end encryption.

DUse Amazon Route 53.

Answer : A

SSH keys provide secure login for Linux-based Amazon EC2 instances by establishing a secure connection over SSH (Secure Shell), protecting login credentials from interception. VPNs and encryption enhance security in other contexts, but SSH keys are the standard approach for accessing Linux EC2 instances. Amazon Route 53 is unrelated to EC2 instance access.

Question 6

A company plans to perform a one-time migration of a large dataset with millions of files from its on-premises data center to the AWS Cloud.

Which AWS service should the company use for the migration?

AAWS Database Migration Service (AWS DMS)

BAWS DataSync

CAWS Migration Hub

DAWS Application Migration Service

Answer : B

AWS DataSync is designed for large-scale data transfers, especially involving large datasets with millions of files from on-premises to AWS. It provides fast and efficient transfer capabilities, and supports a one-time migration. AWS DMS is specific to databases, while Migration Hub is for tracking migrations, and Application Migration Service is for continuous replication rather than one-time file migrations.

Question 7

A company needs to manage multiple logins across AWS accounts within the same organization in AWS Organizations.

Which AWS service should the company use to meet this requirement?

AAmazon VPC

BAmazon GuardDuty

CAmazon Cognito

DAWS IAM Identity Center

Answer : D

AWS IAM Identity Center (formerly AWS Single Sign-On) provides centralized management of user access to multiple AWS accounts within an organization in AWS Organizations. It allows users to log in once and gain access to all assigned accounts without managing separate logins for each account. Amazon Cognito is generally used for application-level user management and authentication, not for managing access across AWS accounts.

Amazon CLF-C02 AWS Certified Cloud Practitioner Exam Practice Test