안녕하세요 HELLO
이번에 AWS Certified Cloud Practitioner CLF-C02를 준비하면서, 문제 은행 Dump 사이트에서 문제 및 해설을 정리했습니다. 한 곳에 정리된 글이 없어서, 공부하기가 어려웠기에, 이를 활용해서 다들 공부에 도움 되었으면 합니다.
■ AWS Certified Cloud Practitioner CLF-C02 Dump 정리
1. 문제 1~20 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (1)
2. 문제 21~40 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (2)
3. 문제 41~60 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (3)
4. 문제 61~80 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (4)
5. 현재 페이지 (81~100)
6. 문제 101~120 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (6)
7. 문제 121~140 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (7)
8. 문제 141~ 160 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (8)
9. 문제 161~180 : [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (9)
#81. A company is moving an on-premises data center to the AWS Cloud. The company must migrate 50 petabytes of file storage data to AWS with the least possible operational overhead.
Which AWS service or resource should the company use to meet these requirements?
- A. AWS Snowmobile
- B. AWS Snowball Edge
- C. AWS Data Exchange
- D. AWS Database Migration Service (AWS DMS)
Selected Answer: A
AWS Snowmobile is the appropriate choice for migrating 50 petabytes of file storage data to AWS with the least possible operational overhead. Snowmobile is a data transfer service that physically transports massive amounts of data to the AWS Cloud. It is a secure and efficient solution for extremely large data transfers.
#82. A company has an application with robust hardware requirements. The application must be accessed by students who are using lightweight, low-cost laptops.
Which AWS service will help the company deploy the application without investing in backend infrastructure or high-end client hardware?
- A. Amazon AppStream 2.0
- B. AWS AppSync
- C. Amazon WorkLink
- D. AWS Elastic Beanstalk
Selected Answer: A
A. Amazon AppStream 2.0.
Amazon AppStream 2.0 allows you to stream desktop applications securely to any device running a web browser, making it ideal for scenarios where the client hardware may not be powerful enough to run the application locally. With AppStream 2.0, the heavy lifting of processing is done on AWS servers, while users interact with the application through streaming.
#83. A company wants to query its server logs to gain insights about its customers’ experiences.
Which AWS service will store this data MOST cost-effectively?
- A. Amazon Aurora
- B. Amazon Elastic File System (Amazon EFS)
- C. Amazon Elastic Block Store (Amazon EBS)
- D. Amazon S3
Selected Answer: D
D. Amazon S3
For cost-effective storage and querying of large volumes of data, especially log data, Amazon S3 (Simple Storage Service) is the most suitable option. Amazon S3 is an object storage service designed to store and retrieve any amount of data from anywhere on the web.
#84. Which of the following is a recommended design principle for AWS Cloud architecture?
- A. Design tightly coupled components.
- B. Build a single application component that can handle all the application functionality.
- C. Make large changes on fewer iterations to reduce chances of failure.
- D. Avoid monolithic architecture by segmenting workloads.
Selected Answer : D
D. Avoid monolithic architecture by segmenting workloads.
Monolithic architectures can become unwieldy, difficult to maintain, and prone to failures. Segmenting workloads into smaller, more manageable components allows for greater scalability, resilience, and flexibility in the cloud. This approach aligns with best practices for modern cloud-native architectures, where services are decoupled, independently deployable, and can scale independently
#85. Which AWS service helps users audit API activity across their AWS account?
- A. AWS CloudTrail
- B. Amazon Inspector
- C. AWS WAF
- D. AWS Config
Selected Answer: A
With AWS CloudTrail, you can monitor your AWS deployments in the cloud by getting a history of AWS API calls for your account, including API calls made by using the AWS Management Console, the AWS SDKs, the command line tools, and higher-level AWS services. You can also identify which users and accounts called AWS APIs for services that support CloudTrail, the source IP address from which the calls were made, and when the calls occurred. You can integrate CloudTrail into applications using the API, automate trail creation for your organization, check the status of your trails, and control how administrators turn CloudTrail logging on and off.
#86. Which task is a customer’s responsibility, according to the AWS shared responsibility model?
- A. Management of the guest operating systems
- B. Maintenance of the configuration of infrastructure devices
- C. Management of the host operating systems and virtualization
- D. Maintenance of the software that powers Availability Zones
Selected Answer: A
#87. A company wants to automatically add and remove Amazon EC2 instances. The company wants the EC2 instances to adjust to varying workloads dynamically.
Which service or feature will meet these requirements?
- A. Amazon DynamoDB
- B. Amazon EC2 Spot Instances
- C. AWS Snow Family
- D. Amazon EC2 Auto Scaling
Selected Answer: D
#88. A user wants to securely automate the management and rotation of credentials that are shared between applications, while spending the least amount of time on managing tasks.
Which AWS service or feature can be used to accomplish this?
- A. AWS CloudHSM
- B. AWS Key Management Service (AWS KMS)
- C. AWS Secrets Manager
- D. Server-side encryption
Selected Answer: C
AWS Secrets Manager makes it easier to rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.
#89. Which security service automatically recognizes and classifies sensitive data or intellectual property on AWS?
- A. Amazon GuardDuty
- B. Amazon Macie
- C. Amazon Inspector
- D. AWS Shield
Selected Answer : B
B. Amazon Macie is a data security service that discovers sensitive data using machine learning and pattern matching, provides visibility into data security risks, and enables automated protection against those risks.
#90. Which actions are best practices for an AWS account root user? (Choose two.)
- A. Share root user credentials with team members.
- B. Create multiple root users for the account, separated by environment.
- C. Enable multi-factor authentication (MFA) on the root user.
- D. Create an IAM user with administrator privileges for daily administrative tasks, instead of using the root user.
- E. Use programmatic access instead of the root user and password.
Selected Answer: CD
The best practices for an AWS account root user are:
C. Enable multi-factor authentication (MFA) on the root user.
Enabling MFA adds an extra layer of security to protect the root user account from unauthorized access.
D. Create an IAM user with administrator privileges for daily administrative tasks, instead of using the root user.
It's recommended to create an IAM user with the necessary permissions for daily administrative tasks rather than using the root user. This practice helps in maintaining better security and accountability by reducing the reliance on the highly privileged root user account.
#91. A company is running a critical workload on an Amazon RDS DB instance. The company needs the DB instance to be highly available with a recovery time of less than 5 minutes.
Which solution will meet these requirements?
- A. Create a read replica of the DB instance.
- B. Create a template of the DB instance by using AWS CloudFormation.
- C. Take frequent snapshots of the DB instance. Store the snapshots in Amazon S3.
- D. Modify the DB instance to be a Multi-AZ deployment.
Selected Answer: D
In an Amazon RDS Multi-AZ deployment, Amazon RDS automatically creates a primary database (DB) instance and synchronously replicates the data to an instance in a different AZ. When it detects a failure, Amazon RDS automatically fails over to a standby instance without manual intervention.
#92. A company plans to migrate its application to AWS and run the application on Amazon EC2 instances. The application will have continuous usage for 1 year.
Which EC2 instance purchasing option will meet these requirements MOST cost-effectively?
- A. Reserved Instances
- B. Spot Instances
- C. On-Demand Instances
- D. Dedicated Hosts
Selected Answer: A
Reserved Instances are well-suited for applications with steady, predictable workloads over a term commitment, such as one year
#93. A company needs to transfer data between an Amazon S3 bucket and an on-premises application.
Who is responsible for the security of this data, according to the AWS shared responsibility model?
- A. The company
- B. AWS
- C. Firewall vendor
- D. AWS Marketplace partner
Selected Answer: A
Networking and traffic protection are a customer responsibility.
And of course Identity and Access Management which are needed when accessing an S3 bucket.
#94. Which pillar of the AWS Well-Architected Framework refers to the ability of a system to recover from infrastructure or service disruptions and dynamically acquire computing resources to meet demand?
- A. Security
- B. Reliability
- C. Performance efficiency
- D. Cost optimization
Selected Answer : B
"Ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues."
#95. A company wants to identify Amazon S3 buckets that are shared with another AWS account.
Which AWS service or feature will meet these requirements?
- A. AWS Lake Formation
- B. IAM credential report
- C. Amazon CloudWatch
- D. IAM Access Analyzer
Selected Answer : D
D. IAM Access Analyzer
IAM Access Analyzer helps you identify resources in your AWS account, such as S3 buckets, that are shared with external principals (including other AWS accounts). It continuously monitors resource policies for public and cross-account access to identify any unintended or risky configurations.
#96. Which AWS service gives users the ability to build interactive business intelligence dashboards that include machine learning insights?
- A. Amazon Athena
- B. Amazon Kendra
- C. Amazon QuickSight
- D. Amazon Redshift
Selected Answer: C
Amazon QuickSight is the AWS service that gives users the ability to create interactive business intelligence (BI) dashboards that can include machine learning insights. It allows you to connect and visualize data from various sources, perform exploratory analysis and share information collaboratively in the form of reports and dashboards.
#97. Which of the following is an AWS value proposition that describes a user’s ability to scale infrastructure based on demand?
- A. Speed of innovation
- B. Resource elasticity
- C. Decoupled architecture
- D. Global deployment
Selected Answer: B
The ability to acquire resources as you need them and release resources when you no longer need them. In the cloud, you want to do this automatically.
https://wa.aws.amazon.com/wellarchitected/2020-07-02T19-33-23/wat.concept.elasticity.en.html
#98. Which action is a security best practice for access to sensitive data that is stored in an Amazon S3 bucket?
- A. Enable S3 Cross-Region Replication (CRR) on the S3 bucket.
- B. Use IAM roles for applications that require access to the S3 bucket.
- C. Configure AWS WAF to prevent unauthorized access to the S3 bucket.
- D. Configure Amazon GuardDuty to prevent unauthorized access to the S3 bucket.
Selected Answer: B
B. Use IAM roles for applications that require access to the S3 bucket: This is a recommended practice for security. IAM roles provide a secure way to grant permissions that applications require to access AWS resources, including S3 buckets. The use of IAM roles ensures that access is granted with the principle of least privilege, reducing the risk of unauthorized access.
#99. A company wants to know more about the benefits offered by cloud computing. The company wants to understand the operational advantage of agility. How does AWS provide agility for users?
- A. The ability the ensure high availability by deploying workloads to multiple regions
- B. A pay-as-you-go model for many services and resources
- C. The ability to transfer infrastructure management to the AWS Cloud
- D. The ability to provision and deprovision resources quickly with minimal effort
Selected Answer: D
The agility provided by AWS is closely tied to the ability to provision and deprovision resources rapidly. AWS allows users to scale their infrastructure up or down based on demand, enabling them to quickly deploy new resources when needed and release them when no longer necessary. This flexibility and speed in resource management contribute to operational agility, allowing companies to respond more efficiently to changing business requirements.
#100. A company needs a central user portal so that users can log in to third-party business applications that support Security Assertion Markup Language (SAML) 2.0.
Which AWS service will meet this requirement?
- A. AWS Identity and Access Management (IAM)
- B. Amazon Cognito
- C. AWS IAM Identity Center (AWS Single Sign-On)
- D. AWS CLI
Selected Answer: B
The user wants to login to THIRD PARTY APPLICATION Not to AWS SERVICES. Definition of Cognito - Amazon Cognito supports authentication with identity providers (IdPs) through Security Assertion Markup Language 2.0 (SAML 2.0). You can use an IdP that supports SAML with Amazon Cognito to provide a simple onboarding flow for your users.
Support page - https://docs.aws.amazon.com/cognito/latest/developerguide/saml-identity-provider.html
■ 마무리
'AWS Certified Cloud Practitioner CLF-C02'에 대해서 정리해 봤습니다.
그럼 오늘 하루도 즐거운 나날 되길 기도하겠습니다
좋아요와 댓글 부탁드립니다 :)
감사합니다.
'AWS > Certified Cloud Practitioner (CLF)' 카테고리의 다른 글
| [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (7) (0) | 2024.08.18 |
|---|---|
| [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (6) (0) | 2024.08.17 |
| [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (4) (0) | 2024.08.16 |
| [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (3) (0) | 2024.08.16 |
| [AWS] Certified Cloud Practitioner CLF-C02 Dump 문제 정리 (2) (1) | 2024.08.15 |
댓글