Amazon CLF-C02 AWS Certified Cloud Practitioner Exam Practice Test

Page: 1 / 14
Total 821 questions
Question 1

A large company wants to track the combined AWS usage costs of all of its linked accounts.

How can this be accomplished?



Answer : B

The company can use AWS Organizations to track the combined AWS usage costs of all of its linked accounts. AWS Organizations is a service that enables you to consolidate multiple AWS accounts into an organization that you can manage centrally. You can use AWS Organizations to create a consolidated billing report that shows the charges incurred by each account in your organization as well as the total charges across all accounts.You can also use AWS Organizations to apply policies and controls to your accounts to help you manage costs and security5.


Question 2

Which AWS service aggregates, organizes, and prioritizes security alerts and findings from multiple AWS services?



Answer : D

The correct answer is D because AWS Security Hub is a service that aggregates, organizes, and prioritizes security alerts and findings from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Firewall Manager, and AWS IAM Access Analyzer. The other options are incorrect because they are not services that aggregate security alerts and findings from multiple AWS services. Amazon Detective is a service that helps users analyze and visualize security data to investigate and remediate potential issues. Amazon Inspector is a service that helps users find security vulnerabilities and deviations from best practices in their Amazon EC2 instances. Amazon Macie is a service that helps users discover, classify, and protect sensitive data stored in Amazon S3. Reference:AWS Security Hub FAQs


Question 3

Which benefit does AWS offer exclusively to users who have an AWS Enterprise Support plan?



Answer : B

AWS Enterprise Support plan is the highest level of support that AWS offers to its customers.One of the exclusive benefits of this plan is the access to a technical account manager (TAM), who is adedicated point of contact for guidance, advocacy, and support2.A technical project manager, a cloud support engineer, and a solutions architect are not exclusive benefits of the AWS Enterprise Support plan, as they are also available to customers with lower-tier support plans or through other AWS services or programs345.


Question 4

A company's application is running on Amazon EC2 instances. The company is planning a partial migration to a serverless architecture in the next year and wants to pay for resources up front.

Which AWS purchasing option will optimize the company's costs?



Answer : D

Compute Savings Plans provide the most flexibility and help to reduce your costs by up to 66%. These plans automatically apply to EC2 instance usage regardless of instance family, size, AZ, Region, OS or tenancy, and also apply to Fargate or Lambda usage. For example, with Compute Savings Plans, you can change from C4 to M5 instances, shift a workload from EU (Ireland) to EU (London), or move a workload from EC2 to Fargate or Lambda at any time and automatically continue to pay the Savings Plans price.

https://aws.amazon.com/savingsplans/compute-pricing/


Question 5

Which AWS services allow users to monitor and retain records of account activities that include governance, compliance, and auditing?

(Select TWO.)



Answer : A, B

Amazon CloudWatch and AWS CloudTrail are the AWS services that allow users to monitor and retain records of account activities that include governance, compliance, and auditing. Amazon CloudWatch is a service that collects and tracks metrics, collects and monitors log files, and sets alarms. AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. Amazon GuardDuty, AWS Shield, and AWS WAF are AWS services that provide security and protection for AWS resources, but they do not monitor and retain records of account activities.These concepts are explained in the AWS Cloud Practitioner Essentials course3.


Question 6

A company needs to run code in response to an event notification that occurs when objects are uploaded to an Amazon S3 bucket.

Which AWS service will integrate directly with the event notification?



Answer : A

AWS Lambda is a service that lets you run code without provisioning or managing servers. You can use Lambda to process event notifications from Amazon S3 when objects are uploaded or deleted. Lambda integrates directly with the event notification and invokes your code automatically. Therefore, the correct answer is A.


Question 7

A company uses a third-party identity provider (IdP). The company wants to provide its employees with access to AWS accounts and services without requiring another set of login credentials.

Which AWS service will meet this requirement?



Answer : C

AWS IAM Identity Center (formerly AWS Single Sign-On or AWS SSO)provides a single sign-on experience for accessing AWS accounts and applications by integrating with third-party identity providers (IdPs) like Microsoft Active Directory, Okta, or any SAML 2.0-compliant IdP. This service allows employees to log in once using their existing corporate credentials managed by the third-party IdP and gain access to multiple AWS accounts and services without needing separate AWS credentials.

Why other options are not suitable:

A . AWS Directory Service: Provides a managed Microsoft Active Directory, but does not directly support single sign-on integration with third-party IdPs.

B . Amazon Cognito: Primarily used for managing authentication for web and mobile apps, not for integrating third-party IdPs for AWS management access.

D . AWS Resource Access Manager (AWS RAM): Used for sharing AWS resources across accounts, not for identity and access management.


AWS IAM Identity Center Documentation

Page:    1 / 14   
Total 821 questions