본문 바로가기
AWS/Certified Cloud Practitioner (CLF)

[AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (3)

by HYUNHP 2024. 8. 16.
728x90
반응형

안녕하세요 HELLO

 

이번에 AWS Certified Cloud Practitioner CLF-C02를 준비하면서, 문제 은행 Dump 사이트에서 문제 및 해설을 정리했습니다. 한 곳에 정리된 글이 없어서, 공부하기가 어려웠기에, 이를 활용해서 다들 공부에 도움 되었으면 합니다.

 

■ AWS Certified Cloud Practitioner CLF-C02 Dump 정리

 

1. 문제 1~20 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (1)

2. 문제 21~40 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (2)

3. 현재 페이지 (문제 41~60)

4. 문제 61~80 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (4)

5. 문제 81~100 :[AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (5)

6. 문제 101~120 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (6)

7. 문제 121~140 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (7)

8. 문제 141~ 160 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (8)

9. 문제 161~180 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (9)

 

반응형

 

#41. A company needs to track the activity in its AWS accounts, and needs to know when an API call is made against its AWS resources. Which AWS tool or service can be used to meet these requirements?

 

  • A. Amazon CloudWatch
  • B. Amazon Inspector
  • C. AWS CloudTrail
  • D. AWS IAM

 

더보기

Selected Answer: C

C. "CloudTrail enables auditing, security monitoring, and operational troubleshooting by tracking user activity and API usage. CloudTrail logs, continuously monitors, and retains account activity related to actions across your AWS infrastructure, giving you control over storage, analysis, and remediation actions."

Reference: https://aws.amazon.com/cloudtrail/faqs/

 

#42. A company has an uninterruptible application that runs on Amazon EC2 instances. The application constantly processes a backlog of files in an Amazon Simple Queue Service (Amazon SQS) queue. This usage is expected to continue to grow for years. What is the MOST cost-effective EC2 instance purchasing model to meet these requirements?

 

  • A. Spot Instances
  • B. On-Demand Instances
  • C. Savings Plans
  • D. Dedicated Hosts

 

더보기

Selected Answer: C

C. Savings Plans: Savings Plans provide significant cost savings compared to On-Demand Instances, while still offering flexibility and a commitment to a consistent amount of usage, which aligns with the long-term, predictable workload described in the scenario. This model allows you to commit to a consistent amount of usage (measured in dollars per hour) for a 1-year or 3-year term, offering flexibility across EC2 instance types, sizes, and regions. It's a suitable choice for workloads with sustained usage over a long period.

 

#43. A company wants an AWS service to provide product recommendations based on its customer data.
Which AWS service will meet this requirement?

 

  • A. Amazon Polly
  • B. Amazon Personalize
  • C. Amazon Comprehend
  • D. Amazon Rekognition

 

더보기

Selected Answer: B

A. Amazon Polly: Deploy high-quality, natural-sounding human voices in dozens of languages.

B. Amazon Personalize: Enhance your digital transformation with ML, seamlessly integrating personalized recommendations into websites, applications, email systems.

C. Amazon Comprehend: Derive and understand valuable insights from text within document.

D. Amazon Rekognition : Automate and lower the cost of your image recognition and video

 

#44. A company is planning its migration to the AWS Cloud. The company is identifying its capability gaps by using the AWS Cloud Adoption Framework (AWS CAF) perspectives. Which phase of the cloud transformation journey includes these identification activities?

 

  • A. Envision
  • B. Align
  • C. Scale
  • D. Launch

 

더보기

Selected Answer: B

"Align phase focuses on identifying capability gaps across the six AWS CAF perspectives, identifying cross-organizational dependencies, and surfacing stakeholder concerns and challenges."

Reference: https://docs.aws.amazon.com/whitepapers/latest/overview-aws-cloud-adoption-framework/your-cloud-transformation-journey.html

 

#45. A social media company wants to protect its web application from common web exploits such as SQL injections and cross-site scripting. Which AWS service will meet these requirements?

 

  • A. Amazon Inspector
  • B. AWS WAF
  • C. Amazon GuardDuty
  • D. Amazon CloudWatch

 

더보기

Selected Answer: B

"AWS WAF is a web application firewall that helps protect web applications from attacks by allowing you to configure rules that allow, block, or monitor (count) web requests based on conditions that you define. These conditions include IP addresses, HTTP headers, HTTP body, URI strings, SQL injection and cross-site scripting."

References: https://aws.amazon.com/waf/faqs/

 

#46. Which fully managed AWS service assists with the creation, testing, and management of custom Amazon EC2 images?

 

  • A. EC2 Image Builder
  • B. Amazon Machine Image (AMI)
  • C. AWS Launch Wizard
  • D. AWS Elastic Beanstalk

 

더보기

Selected Answer: A

EC2 Image Builder is a fully-managed AWS service that makes it easier to automate the creation, management, and deployment of customized, secure, and up-to-date “golden” server images that are pre-installed and pre-configured with software and settings to meet specific IT standards.

 

#47. A company wants an automated process to continuously scan its Amazon EC2 instances for software vulnerabilities.
Which AWS service will meet these requirements?

 

  • A. Amazon GuardDuty
  • B. Amazon Inspector
  • C. Amazon Detective
  • D. Amazon Cognito

 

더보기

Selected Answer: B

"Amazon Inspector is an automated vulnerability management service that continually scans Amazon Elastic Compute Cloud (EC2), AWS Lambda functions, and container workloads for software vulnerabilities and unintended network exposure."

Reference: https://aws.amazon.com/inspector/faqs/

 

#48. A company needs to perform data processing once a week that typically takes about 5 hours to complete.
Which AWS service should the company use for this workload?

 

  • A. AWS Lambda
  • B. Amazon EC2
  • C. AWS CodeDeploy
  • D. AWS Wavelength

 

더보기

Selected Answer: B

A. AWS Lambda is a serverless computing service that runs your code without provisioning or managing servers. However, Lambda functions have a maximum execution time of 15 minutes. Therefore, Lambda is not suitable for workloads that need to run for longer than 15 minutes.

B> Amazon EC2 is a scalable computing service that provides instances with varying capabilities and pricing options. You can choose an EC2 instance that is right for your data processing job and then terminate the instance when the job is complete. This will help you to save money on your AWS bill.

 

#49. Which AWS service or feature provides log information of the inbound and outbound traffic on network interfaces in a VPC?

 

  • A. Amazon CloudWatch Logs
  • B. AWS CloudTrail
  • C. VPC Flow Logs
  • D. AWS Identity and Access Management (IAM)

 

더보기

Selected Answer: C

C. VPC flow logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. Flow logs data can be published to either Amazon CloudWatch Logs or Amazon S3. You can monitor your VPC flow logs to gain operational visibility about your network dependencies and traffic patterns, detect anomalies and prevent data leakage, or troubleshoot network connectivity and configuration issues.

 

#50. A company wants to design a centralized storage system to manage the configuration data and passwords for its critical business applications. Which AWS service or capability will meet these requirements MOST cost-effectively?

 

  • A. AWS Systems Manager Parameter Store
  • B. AWS Secrets Manager
  • C. AWS Config
  • D. Amazon S3

 

더보기

Selected Answer: A

A. AWS Systems Manager Parameter Store: Provides a secure, hierarchical store for storing configuration data, secrets, and other sensitive information. It offers integration with AWS Identity and Access Management (IAM) for fine-grained access control and provides encryption at rest for enhanced security.

B. AWS Secrets Manager. Is specifically designed for managing secrets such as passwords, API keys, and other sensitive information, it typically incurs higher costs compared to Parameter Store. Parameter Store can efficiently manage both configuration data and secrets, making it a cost-effective solution for the described scenario.

 

#51. A company plans to deploy containers on AWS. The company wants full control of the compute resources that host the containers. Which AWS service will meet these requirements?

 

  • A. Amazon Elastic Kubernetes Service (Amazon EKS)
  • B. AWS Fargate
  • C. Amazon EC2
  • D. Amazon Elastic Container Service (Amazon ECS)

 

더보기

Selected Answer: C

Requirement: Full control over compute resources for container deployment.
Service Features:

A. EKS: A managed Kubernetes service, not offering direct control over underlying compute resources.

B. Fargate: Serverless container platform within ECS, where resources are managed by AWS.

C. EC2: Provides virtual machines (VMs) where users have complete control over configuration, resource allocation, and management.

D. ECS: Offers both managed and unmanaged options (EC2 Launch Type), but the EC2 Launch Type provides full control over compute resources.

Therefore, only EC2 allows complete user control over the VMs hosting the containers, fulfilling the company's specific need

 

#52. Which AWS service or feature allows users to create new AWS accounts, group multiple accounts to organize workflows, and apply policies to groups of accounts?

 

  • A. AWS Identity and Access Management (IAM)
  • B. AWS Trusted Advisor
  • C. AWS CloudFormation
  • D. AWS Organizations

 

더보기

Selected Answer: D

AWS Organizations helps you centrally govern your environment as you scale your workloads on AWS. Whether you are a growing startup or a large enterprise, Organizations helps you to programmatically create new accounts and allocate resources, simplify billing by setting up a single payment method for all of your accounts, create groups of accounts to organize your workflows, and apply policies to these groups for governance. In addition, AWS Organizations is integrated with other AWS services so you can define central configurations, security mechanisms, and resource sharing across accounts in your organization.

Reference: https://aws.amazon.com/organizations/faqs/

 

#53. A company wants to store and retrieve files in Amazon S3 for its existing on-premises applications by using industry-standard file system protocols. Which AWS service will meet these requirements?

 

  • A. AWS DataSync
  • B. AWS Snowball Edge
  • C. Amazon S3 File Gateway
  • D. AWS Transfer Family

 

더보기

Selected Answer: C
C. Amazon S3 File Gateway

Amazon S3 File Gateway provides NFS and SMB access to objects stored in Amazon S3. It enables existing on-premises applications to access data in Amazon S3 as if they were accessing a file system, using standard file system protocols. This makes it an ideal solution for integrating on-premises applications with Amazon S3 storage.

 

#54. A company wants to block SQL injection attacks.
Which AWS service or feature should the company use to meet this requirement?

 

  • A. AWS WAF
  • B. Network ACLs
  • C. Security groups
  • D. AWS Certificate Manager (ACM)

 

더보기

Selected Answer: A

"AWS WAF is a web application firewall that helps protect web applications from attacks by allowing you to configure rules that allow, block, or monitor (count) web requests based on conditions that you define. These conditions include IP addresses, HTTP headers, HTTP body, URI strings, SQL injection and cross-site scripting."

References: https://aws.amazon.com/waf/faqs/

 

#55. A company wants a unified tool to provide a consistent method to interact with AWS services.
Which AWS service or tool will meet this requirement?

 

  • A. AWS CLI
  • B. Amazon Elastic Container Service (Amazon ECS)
  • C. AWS Cloud9
  • D. AWS Virtual Private Network (AWS VPN)

 

더보기

Selected Answer: A

"The AWS Command Line Interface (AWS CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts."

Reference: https://aws.amazon.com/cli/

 

#56. A company needs to evaluate its AWS environment and provide best practice recommendations in five categories: cost, performance, service limits, fault tolerance and security.
Which AWS service can the company use to meet these requirements?

 

  • A. AWS Shield
  • B. AWS WAF
  • C. AWS Trusted Advisor
  • D. AWS Service Catalog

 

더보기

Selected Answer: C

Explanation: AWS Trusted Advisor is a service that helps users secure and optimize their AWS environments. Trusted Advisor offers a range of recommendations in five categories:

Cost: Recommendations to reduce AWS costs
Performance: Recommendations to improve the performance of AWS resources
Service Limits: Recommendations to comply with AWS service limits
Fault Tolerance: Recommendations to increase the fault tolerance of AWS environments
Security: Recommendations to improve the security of AWS environments

 

#57. Which perspective in the AWS Cloud Adoption Framework (AWS CAF) includes capabilities for configuration management and patch management?

 

  • A. Platform
  • B. Operations
  • C. Security
  • D. Governance

 

더보기

Selected Answer: B

AWS CAF Operations perspective capabilities


• Observability
• Event management (AIOps)
• Incident and problem management
• Change and release management
• Performance and capacity management
• Configuration management
• Patch management
• Availability and continuity management
• Application management

Reference: https://docs.aws.amazon.com/whitepapers/latest/overview-aws-cloud-adoption-framework/operations-perspective.html

 

#58. A company has a compute workload that is steady, predictable, and uninterruptible.
Which Amazon EC2 instance purchasing options meet these requirements MOST cost-effectively? (Choose two.)

 

  • A. On-Demand Instances
  • B. Reserved Instances
  • C. Spot Instances
  • D. Saving Plans
  • E. Dedicated Hosts

 

더보기

Selected Answer: BD

For a steady, predictable, and uninterruptible compute workload, the most cost-effective Amazon EC2 instance purchasing options would typically be:

B. Reserved Instances: Reserved Instances provide a significant discount compared to On-Demand Instances in exchange for a commitment to a one- or three-year term. Since the workload is steady and predictable, you can forecast your usage and purchase Reserved Instances accordingly, optimizing costs over time.

D. Saving Plans: Similar to Reserved Instances, Savings Plans offer significant discounts on usage in exchange for committing to a specific amount of compute usage (measured in dollars per hour) over a one- or three-year term. Savings Plans provide flexibility across a wider range of instance types and regions compared to Reserved Instances.

 

#59. Which Amazon EC2 pricing model is the MOST cost efficient for an uninterruptible workload that runs once a year for 24 hours?

 

  • A. On-Demand Instances
  • B. Reserved Instances
  • C. Spot Instances
  • D. Dedicated Instances

 

더보기

Selected Answer: A

For an uninterruptible workload that runs once a year just for 24 hours (It means one day in a year), the most cost-efficient Amazon EC2 pricing model would be On-Demand Instances. On-Demand Instances are ideal for short-term workloads that spike periodically or unpredictable workloads that can’t be interrupted. Reserved Instances are best suited for workloads that run continuously for a year or longer, while Spot Instances are most cost-effective for workloads that can tolerate downtime and have flexible start and end times. Dedicated Instances are not a pricing model, but rather a physical Amazon EC2 server dedicated to a single customer.

 

#60. Which option is a shared responsibility between AWS and its customers under the AWS shared responsibility model?

 

  • A. Configuration of Amazon EC2 instance operating systems
  • B. Application file system server-side encryption
  • C. Patch management
  • D. Security of the physical infrastructure

 

더보기

Selected Answer: C

A. Configuration Management – AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications.

C. Patch Management – AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications.

https://aws.amazon.com/compliance/shared-responsibility-model/

■ 마무리

'AWS Certified Cloud Practitioner CLF-C02'에 대해서 정리해 봤습니다.

 

그럼 오늘 하루도 즐거운 나날 되길 기도하겠습니다

좋아요댓글 부탁드립니다 :)

 

감사합니다.

반응형
저작자표시 비영리 동일조건

'AWS > Certified Cloud Practitioner (CLF)' 카테고리의 다른 글

[AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (6)  (0) 2024.08.17
[AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (5)  (0) 2024.08.17
[AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (4)  (0) 2024.08.16
[AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (2)  (1) 2024.08.15
[AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (1)  (1) 2024.08.15

관련글

댓글

티스토리툴바