안녕하세요 HELLO
이번에 AWS Certified Cloud Practitioner CLF-C02를 준비하면서, 문제 은행 Dump 사이트에서 문제 및 해설을 정리했습니다. 한 곳에 정리된 글이 없어서, 공부하기가 어려웠기에, 이를 활용해서 다들 공부에 도움 되었으면 합니다.
■ AWS Certified Cloud Practitioner CLF-C02 Dump 정리
1. 현재 페이지 (문제 1~20)
2. 문제 21~40 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (2)
3. 문제 41~60 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (3)
4. 문제 61~80 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (4)
5. 문제 81~100 :[AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (5)
6. 문제 101~120 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (6)
7. 문제 121~140 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (7)
8. 문제 141~ 160 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (8)
9. 문제 161~180 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (9)
#1. A company wants to assess its operational readiness. It also wants to identify and mitigate any operational risks ahead of a new product launch. Which AWS Support plan offers guidance and support for this kind of event at no additional charge?
- A. AWS Business Support
- B. AWS Basic Support
- C. AWS Developer Support
- D. AWS Enterprise Support
D. AWS Enterprise Support: This is the premium support plan providing a wide range of benefits, including 24/7 access to Cloud Support Engineers, a Technical Account Manager (TAM), and more. It is suitable for enterprises running business-critical workloads
#2. A company wants to establish a schedule for rotating database user credentials.
Which AWS service will support this requirement with the LEAST amount of operational overhead?
- A. AWS Systems Manager
- B. AWS Secrets Manager
- C. AWS License Manager
- D. AWS Managed Services
A. AWS Systems Manager: It is a management service that allows you to automate operational tasks across your AWS resources. While it provides a wide range of automation capabilities, it is not specialized for the specific task of rotating database credentials.
B. AWS Secrets Manager: This service is specifically designed for managing sensitive information like API keys, passwords, and database credentials. It includes automatic rotation of secrets to enhance security and reduce operational overhead.
C. AWS License Manager: This service focuses on helping you manage your software licenses and ensure compliance. It does not offer specific features for rotating database credentials.
D. AWS Managed Services: This service is designed to provide ongoing management of your AWS infrastructure. While it covers various operational aspects, it doesn't have specific features for credential rotation.
#3. Which AWS service or feature can be used to create a private connection between an on-premises workload and an AWS Cloud workload?
- A. Amazon Route 53
- B. Amazon Macie
- C. AWS Direct Connect
- D. AWS PrivateLink
Selected Answer: C
A. Amazon Route 53: This is a scalable domain name system (DNS) web service and is not directly related to creating private connections between on-premises and AWS Cloud workloads.
B. Amazon Macie: This is a security service that uses machine learning to automatically discover, classify, and protect sensitive data. It is not designed for creating private connections.
C. AWS Direct Connect: Establishes dedicated network connections from your on-premises data centers to AWS. It can enhance network performance, reduce latency, and provide a more reliable connection compared to public internet connections. AWS Direct Connect is specifically designed for creating private and dedicated connections between on-premises infrastructure and AWS resources.
D. AWS PrivateLink: Designed for secure and scalable access to AWS services directly from your VPC without traversing the public internet. It's particularly useful when you want to access AWS services from your VPC without using public IP addresses and want to keep the traffic within the AWS network.
#4. Which AWS service is used to provide encryption for Amazon EBS?
- A. AWS Certificate Manager
- B. AWS Systems Manager
- C. AWS KMS
- D. AWS Config
Selected Answer: C
A. AWS Certificate Manager (ACM): Primarily used for managing SSL/TLS certificates used in conjunction with AWS services like Elastic Load Balancer (ELB) or Amazon CloudFront to enable secure communication over HTTPS. It is not directly related to encrypting Amazon EBS volumes.
B. AWS Systems Manager: Allows you to automate operational tasks across your AWS resources. While it provides features for managing system configurations, patching, and automation, it is not specifically designed for encrypting Amazon EBS volumes.
C. AWS Key Management Service (AWS KMS): A fully managed service that makes it easy for you to create, control, and manage encryption keys used to encrypt your data. It integrates seamlessly with other AWS services, including Amazon EBS, for encryption purposes.
D. AWS Config: Enables you to assess, audit, and evaluate the configurations of your AWS resources. It does not directly provide encryption for Amazon EBS volumes.
#5. A company wants to manage its AWS Cloud resources through a web interface.
Which AWS service will meet this requirement?
- A. AWS Management Console
- B. AWS CLI
- C. AWS SDK
- D. AWS Cloud9
Selected Answer: A
A. AWS Management Console: A web-based interface that allows users to access and manage their AWS resources using a graphical user interface (GUI). This console provides an easy-to-use platform for various AWS services.
B. AWS CLI (Command Line Interface): Command-line tool that allows users to interact with AWS services using commands in the terminal or command prompt. It is not a web interface but a command-line tool.
C. AWS SDK (Software Development Kit): Libraries and tools provided by AWS to help developers interact with AWS services programmatically. They are used for developing applications and are not a web interface.
D. AWS Cloud9: An integrated development environment (IDE) that allows users to write, run, and debug code directly in the browser. While it provides an interface, it is specifically designed for development tasks rather than general resource management.
#6. Which of the following are advantages of the AWS Cloud? (Choose two.)
- A. Trade variable expenses for capital expenses
- B. High economies of scale
- C. Launch globally in minutes
- D. Focus on managing hardware infrastructure
- E. Overprovision to ensure capacity
Selected Answer: BC
A. Trade variable expenses for capital expenses: The AWS Cloud allows organizations to shift from capital expenses (CapEx) to variable expenses (OpEx), not the other way around.
B. High economies of scale: AWS Cloud leverages high economies of scale, allowing customers to benefit from cost savings due to the massive scale of AWS infrastructure. This enables cost-effective solutions for businesses.
C. Launch globally in minutes: One of the advantages of the AWS Cloud is the ability to deploy applications and resources globally in a matter of minutes. This quick global deployment facilitates flexibility and responsiveness to changing business needs.
D. Focus on managing hardware infrastructure: With AWS Cloud, customers can focus on building and innovating applications rather than managing the hardware infrastructure.
E. Overprovision to ensure capacity: Overprovisioning is not considered an advantage in the AWS Cloud. Instead, AWS provides scalability, allowing users to scale resources up or down based on demand, avoiding the need for unnecessary overprovisioning.
#7. Which AWS Cloud benefit is shown by an architecture’s ability to withstand failures with minimal downtime?
- A. Agility
- B. Elasticity
- C. Scalability
- D. High availability
Selected Answer: D
A. Agility: This refers to the ability to quickly and easily adapt to changes, innovate, and respond to evolving business needs.
B. Elasticity: Elasticity is the ability to dynamically scale resources up or down based on demand. It helps optimize costs and ensures that the application can handle varying workloads.
C. Scalability: Scalability involves the ability to increase or decrease the size of resources to accommodate changes in demand. It is related to both elasticity and the ability to handle growth.
D. High availability: An architecture's ability to withstand failures with minimal downtime is a key aspect of high availability in the AWS Cloud. High availability ensures that applications remain operational and accessible even in the face of component failures or disruptions.
#8. A developer needs to maintain a development environment infrastructure and a production environment infrastructure in a repeatable fashion.
Which AWS service should the developer use to meet these requirements?
- A. AWS Ground Station
- B. AWS Shield
- C. AWS IoT Device Defender
- D. AWS CloudFormation
Selected Answer: D
A. AWS Ground Station: AWS Ground Station is a service for satellite data processing.
B. AWS Shield: AWS Shield is a managed Distributed Denial of Service (DDoS) protection service. It is focused on protecting applications from DDoS attacks.
C. AWS IoT Device Defender: AWS IoT Device Defender is a service that helps you secure your IoT devices.
D. AWS CloudFormation: A service that allows you to define and provision AWS infrastructure as code in a safe, predictable, and repeatable manner. It enables the developer to create and manage a collection of AWS resources by describing the infrastructure in a template. This helps in maintaining both development and production environments consistently.
#9. Which task is the customer’s responsibility, according to the AWS shared responsibility model?
- A. Maintain the security of the AWS Cloud.
- B. Configure firewalls and networks.
- C. Patch the operating system of Amazon RDS instances.
- D. Implement physical and environmental controls.
Selected Answer: B
A. Maintain the security of the AWS Cloud: This is a shared responsibility between AWS and the customer. AWS is responsible for the security of the cloud (such as infrastructure, hardware, software, and facilities), while the customer is responsible for security in the cloud (such as data, identity and access management, applications, etc.).
B. Configure firewalls and networks: This is a customer responsibility. Customers have control over configuring security groups, network access control lists (ACLs), and other network-related configurations to control traffic to and from their resources.
C. Patch the operating system of Amazon RDS instances: This is not the responsibility of the customer for Amazon RDS. AWS manages the patching of the underlying operating system for RDS instances. Customers are responsible for patching the databases and application software, but not the OS.
D. Implement physical and environmental controls: This is a customer responsibility. Customers are responsible for implementing physical security controls to secure their own content, platforms, applications, systems, and networks
#10. Which AWS service helps deliver highly available applications with fast failover for multi-Region and Multi-AZ architectures?
- A. AWS WAF
- B. AWS Global Accelerator
- C. AWS Shield
- D. AWS Direct Connect
Selected Answer: B
B. AWS Global Accelerator: A service that uses static IP addresses to route traffic over the AWS global network to optimal AWS endpoints based on health, geography, and routing policies. It provides highly available and performant applications with features like fast failover for multi-Region and Multi-AZ (Availability Zone) architectures.
A. AWS WAF (Web Application Firewall): It is a web application firewall that helps protect web applications from common web exploits.
C. AWS Shield: It is a managed Distributed Denial of Service (DDoS) protection service.
D. AWS Direct Connect: It provides dedicated network connections from on-premises data centers to AWS, enhancing network performance.
#11. A company has a set of ecommerce applications. The applications need to be able to send messages to each other.
Which AWS service meets this requirement?
- A. AWS Auto Scaling
- B. Elastic Load Balancing
- C. Amazon Simple Queue Service (Amazon SQS)
- D. Amazon Kinesis Data Streams
Selected Answer: C
A. AWS Auto Scaling: It automatically adjusts the number of Amazon EC2 instances in a group based on specified policies.
B. Elastic Load Balancing: It distributes incoming application traffic across multiple targets, such as EC2 instances. It focuses on load distribution and high availability.
C. Amazon Simple Queue Service (Amazon SQS): A fully managed message queuing service that enables decoupling and scaling of distributed systems. It allows applications to send messages to each other and helps in building distributed, loosely coupled systems.
D. Amazon Kinesis Data Streams: It is used for real-time streaming data processing, not direct messaging between applications.
#12. What are the benefits of consolidated billing for AWS Cloud services? (Choose two.)
- A. Volume discounts
- B. A minimal additional fee for use
- C. One bill for multiple accounts
- D. Installment payment options
- E. Custom cost and usage budget creation
Selected Answer: AC
A. Volume discounts: Consolidated billing combines usage for potential higher volume discounts.
B. A minimal additional fee for use: Consolidated billing focuses on simplifying billing, without introducing additional fees.
C. One bill for multiple accounts: Consolidated billing provides a single bill for all linked AWS accounts, simplifying the billing process.
D. Installment payment options: Payment options are part of AWS billing but not exclusive to consolidated billing.
E. Custom cost and usage budget creation: Creating custom budgets is not directly related to consolidated billing but can be managed separately with AWS Budgets.
#13. A user wants to review all Amazon S3 buckets with ACLs and S3 bucket policies in the S3 console.
Which AWS service or resource will meet this requirement?
- A. S3 Multi-Region Access Points
- B. S3 Storage Lens
- C. AWS IAM Identity Center (AWS Single Sign-On)
- D. Access Analyzer for S3
Selected Answer: D
A. S3 Multi-Region Access Points: This service is designed for multi-region access to S3 data.
B. S3 Storage Lens: This service provides organization-wide visibility into object storage usage and activity.
C. AWS IAM Identity Center (AWS Single Sign-On): This service is related to identity and access management, but it doesn't provide a direct interface for reviewing S3 bucket ACLs and policies.
D. Access Analyzer for S3: This service is designed to review and analyze access policies for S3 buckets, providing insights into who has access to your buckets and how that access is granted. It is the most suitable option for the specified requirement.
#14. What is the best resource for a user to find compliance-related information and reports about AWS?
- A. AWS Artifact
- B. AWS Marketplace
- C. Amazon Inspector
- D. AWS Support
Selected Answer: A
A. AWS Artifact: A portal that provides on-demand access to AWS compliance reports, certifications, and attestations. It is a centralized location for various compliance-related documents.
B. AWS Marketplace: An online store where customers can find, buy, and deploy software that runs on AWS.
C. Amazon Inspector: An automated security assessment service that helps improve the security and compliance of applications deployed on AWS.
D. AWS Support: Provides technical support for AWS services. While AWS Support may assist with compliance-related inquiries, it is not the primary resource for compliance reports.
#15. Which AWS service enables companies to deploy an application close to end users?
- A. Amazon CloudFront
- B. AWS Auto Scaling
- C. AWS AppSync
- D. Amazon Route 53
Selected Answer: A
A. Amazon CloudFront: A content delivery network (CDN) service that enables companies to deliver static and dynamic web content, including applications, to end users with low latency and high transfer speeds. It helps deploy an application close to end users.
B. AWS Auto Scaling: Automatically adjusts the number of Amazon EC2 instances in a group based on changing application demand.
C. AWS AppSync: Afully managed service that makes it easy to develop GraphQL APIs. It helps applications securely connect to data sources like AWS DynamoDB.
D. Amazon Route 53: A scalable domain name system (DNS) web service designed to route end-user requests to globally distributed endpoints. It facilitates domain registration and management of DNS records, contributing to efficient application deployment.
#16. Which AWS service or feature improves network performance by sending traffic through the AWS worldwide network infrastructure?
- A. Route table
- B. AWS Transit Gateway
- C. AWS Global Accelerator
- D. Amazon VPC
Selected Answer: C
A. Route table: A route table in Amazon VPC contains a set of rules, called routes, that are used to determine where network traffic is directed. While it is essential for routing within a VPC, it doesn't specifically improve network performance by leveraging the AWS worldwide network infrastructure.
B. AWS Transit Gateway: A service that simplifies network connectivity across multiple Amazon VPCs, on-premises data centers, and remote offices. It helps with managing and scaling connectivity but doesn't focus on improving network performance globally.
C. AWS Global Accelerator: A service that uses the AWS global network to optimize the routing of traffic to applications. It improves the availability and performance of applications by utilizing anycast IP addresses. It specifically improves network performance globally.
D. Amazon VPC: A service that lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources. While VPC is fundamental for networking in AWS, it doesn't directly improve network performance through the global infrastructure.
#17. Which AWS service provides highly durable object storage?
- A. Amazon S3
- B. Amazon Elastic File System (Amazon EFS)
- C. Amazon Elastic Block Store (Amazon EBS)
- D. Amazon FSx
Selected Answer: A
A. Amazon S3 (Simple Storage Service): Provides highly durable object storage with 99.999999999% (11 9's) durability. It is suitable for storing and retrieving any amount of data.
B. Amazon Elastic File System (Amazon EFS): Provides scalable file storage, but it is not specifically designed for object storage. It is more suitable for file-based workloads.
C. Amazon Elastic Block Store (Amazon EBS): Provides block-level storage volumes for use with Amazon EC2 instances. It is not object storage; instead, it is used for attaching persistent block storage to instances.
D. Amazon FSx: Provides fully managed file storage, and it is not focused on object storage. It is designed for Windows File Server or Lustre file systems.
#18. Which responsibility belongs to AWS when a company hosts its databases on Amazon EC2 instances?
- A. Database backups
- B. Database software patches
- C. Operating system patches
- D. Operating system installations
Selected Answer: D
A. Database backups - Customer responsibility. Customers are responsible for managing and maintaining backups of their data. AWS provides tools and services, but it's up to the customer to implement and manage backup strategies for their databases.
B. Database software patches - Customer responsibility. The customer is responsible for applying patches and updates to the database software running on their EC2 instances. This includes managing the software lifecycle, updates, and security patches.
C. Operating system patches - Customer responsibility. Similar to database software patches, the customer is responsible for applying patches and updates to the operating system of the EC2 instances. AWS manages the infrastructure, but the customer is responsible for the configuration and maintenance of their instance's operating systems.
D. Operating system installations - AWS responsibility. AWS takes care of installing and maintaining the operating system on the EC2 instances. This is part of the underlying infrastructure managed by AWS as a cloud service provider.
#19. Which of the following are advantages of moving to the AWS Cloud? (Choose two.)
- A. The ability to turn over the responsibility for all security to AWS.
- B. The ability to use the pay-as-you-go model.
- C. The ability to have full control over the physical infrastructure.
- D. No longer having to guess what capacity will be required.
- E. No longer worrying about users access controls.
Selected Answer: BD
A. While AWS provides a secure cloud infrastructure, the overall responsibility for security is shared between AWS and the customer. Customers are responsible for securing their data and applications in the cloud.
B. The ability to use the pay-as-you-go model - AWS provides a flexible and cost-effective pay-as-you-go pricing model, allowing users to pay only for the resources they consume without upfront costs or long-term commitments.
C. AWS abstracts the physical infrastructure from users, providing a managed and abstracted environment. Users have control over their virtual resources, but AWS manages the physical infrastructure.
D. No longer having to guess what capacity will be required - AWS offers scalable resources, enabling users to dynamically scale up or down based on their actual needs. This eliminates the need for upfront capacity planning and allows for efficient resource utilization.
E. Users are still responsible for managing access controls and permissions for their applications and data in the AWS Cloud. AWS provides tools and services to assist in implementing access controls, but the responsibility remains with the customer.
#20. Which AWS service is a hybrid cloud storage service that provides on-premises users access to virtually unlimited cloud storage?
- A. AWS DataSync
- B. Amazon S3 Glacier
- C. AWS Storage Gateway
- D. Amazon Elastic Block Store (Amazon EBS)
Selected Answer: C
A. AWS DataSync: A data transfer service that simplifies, automates, and accelerates moving large amounts of data between on-premises storage systems and AWS Cloud storage. It is focused on efficient data transfer.
B. Amazon S3 Glacier: A storage service designed for archiving and long-term backup of infrequently accessed data. It is suitable for data that is rarely accessed and requires low-cost storage. While it is a cloud storage service, it is not specifically designed for on-premises users to access virtually unlimited cloud storage.
C. AWS Storage Gateway: A hybrid cloud storage service that enables on-premises applications to use cloud storage seamlessly. It provides file, volume, and tape gateway interfaces to integrate on-premises environments with AWS Cloud storage. This service allows on-premises users to access virtually unlimited cloud storage while maintaining a hybrid storage infrastructure.
D. Amazon Elastic Block Store (Amazon EBS): Provides block-level storage volumes for use with Amazon EC2 instances. It is primarily focused on providing scalable and high-performance block storage for EC2 instances.
■ 마무리
'Certified Cloud Practitioner CLF-C02 Dump 문제'에 대해서 정리해 봤습니다.
그럼 오늘 하루도 즐거운 나날 되길 기도하겠습니다
좋아요와 댓글 부탁드립니다 :)
감사합니다.
'AWS > Certified Cloud Practitioner (CLF)' 카테고리의 다른 글
| [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (6) (0) | 2024.08.17 |
|---|---|
| [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (5) (0) | 2024.08.17 |
| [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (4) (0) | 2024.08.16 |
| [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (3) (0) | 2024.08.16 |
| [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (2) (0) | 2024.08.15 |
댓글