CLF-C01 Exam - AWS Certified Cloud Practitioner

NEW QUESTION 1

What can a cloud practitioner use to retrieve AWS security and compliance documents and submit them as evidence to an auditor or regulator?

• A. AWS Certificate Manager
• B. AWS Systems Manager
• C. AWS Artifact
• D. Amazon Inspector

Answer: C

Explanation:
AWS Artifact is a service that provides on-demand access to AWS security and compliance documents, such as AWS ISO certifications, Payment Card Industry (PCI) reports, and Service Organization Control (SOC) reports. You can download these documents and submit them as evidence to your auditors or regulators to demonstrate the security and compliance of the AWS infrastructure and services that you use. AWS Artifact also allows you to review, accept, and manage AWS agreements, such as the Business Associate Addendum (BAA) for customers who are subject to the Health Insurance Portability and Accountability Act (HIPAA). References: AWS Artifact, What is AWS Artifact?

NEW QUESTION 2

Which benefits can customers gain by using AWS Marketplace? (Select TWO.)

• A. Speed of business
• B. Fewer legal objections
• C. Ability to pay with credit cards
• D. No requirement for product licenses for any products
• E. Free use of all services for the first hour

Answer: AB

Explanation:
AWS Marketplace is a digital catalog that offers thousands of software products and solutions from independent software vendors (ISVs) and AWS partners. Customers can use AWS Marketplace to find, buy, and deploy software on AWS. Some of the benefits of using AWS Marketplace are:
✑ Speed of business: You can quickly and easily discover and deploy software that meets your business needs, without having to go through lengthy procurement processes. You can also use AWS Marketplace to test and compare different solutions before making a purchase decision.
✑ Fewer legal objections: You can benefit from standardized contract terms and conditions that are pre-negotiated between AWS and the ISVs. This reduces the time and effort required to review and approve legal agreements.

NEW QUESTION 3

A company wants to monitor its workload performance. The company wants to ensure that the cloud services are delivered at a level that meets its business needs.
Which AWS Cloud Adoption Framework (AWS CAF) perspective will meet these requirements?

• A. Business
• B. Governance
• C. Platform
• D. Operations

Answer: D

Explanation:
The Operations perspective helps you monitor and manage your cloud workloads to ensure that they are delivered at a level that meets your business needs. Common stakeholders include chief operations officer (COO), cloud director, cloud operations manager, and cloud operations engineers1. The Operations perspective covers capabilities such as workload health monitoring, incident management, change management, release management, configuration management, and disaster recovery2. The Business perspective helps ensure that your cloud investments accelerate your digital transformation ambitions and business outcomes. Common stakeholders include chief executive officer (CEO), chief financial officer (CFO), chief information officer (CIO), and chief technology officer (CTO). The Business perspective covers capabilities such as business case development, value realization, portfolio management, and stakeholder management3.
The Governance perspective helps you orchestrate your cloud initiatives while maximizing organizational benefits and minimizing transformation-related risks. Common stakeholders include chief transformation officer, CIO, CTO, CFO, chief data officer (CDO), and chief risk officer (CRO). The Governance perspective covers capabilities such as governance framework, budget and cost management, compliance management, and data governance4.
The Platform perspective helps you build an enterprise-grade, scalable, hybrid cloud platform, modernize existing workloads, and implement new cloud-native solutions. Common stakeholders include CTO, technology leaders, architects, and engineers. The Platform perspective covers capabilities such as platform design and implementation, workload migration and modernization, cloud-native development, and DevOps5. References:
✑ AWS Cloud Adoption Framework: Operations Perspective
✑ AWS Cloud Adoption Framework - Operations Perspective
✑ AWS Cloud Adoption Framework: Business Perspective
✑ AWS Cloud Adoption Framework: Governance Perspective
✑ AWS Cloud Adoption Framework: Platform Perspective

NEW QUESTION 4

A company has deployed an application in the AWS Cloud. The company wants to ensure that the application is highly resilient.
Which component of AWS infrastructure can the company use to meet this requirement?

• A. Content delivery network (CDN)
• B. Edge locations
• C. Wavelength Zones
• D. Availability Zones

Answer: D

Explanation:
Availability Zones are components of AWS infrastructure that can help the company ensure that the application is highly resilient. Availability Zones are multiple, isolated locations within each AWS Region. Each Availability Zone has independent power, cooling, and physical security, and is connected to the other Availability Zones in the same Region via low-latency, high-throughput, and highly redundant networking. Availability Zones allow you to operate production applications and databases that are more highly available, fault tolerant, and scalable than would be possible from a single data center.

NEW QUESTION 5

A company is running its application in the AWS Cloud. The company wants to periodically review its AWS account for cost optimization opportunities.
Which AWS service or tool can the company use to meet these requirements?

• A. AWS Cost Explorer
• B. AWS Trusted Advisor
• C. AWS Pricing Calculator
• D. AWS Budgets

Answer: A

Explanation:
AWS Cost Explorer is an AWS service or tool that the company can use to periodically review its AWS account for cost optimization opportunities. AWS Cost Explorer is a tool that enables the company to visualize, understand, and manage their AWS costs and usage over time. The company can use AWS Cost Explorer to access interactive graphs and tables that show the breakdown of their costs and usage by service, region, account, tag, and more. The company can also use AWS Cost Explorer to forecast their future costs, identify trends and anomalies, and discover potential savings by using Reserved Instances or Savings Plans.

NEW QUESTION 6

According to the AWS shared responsibility model, who is responsible for the virtualization layer down to the physical security of the facilities in which AWS services operate?

• A. It is the sole responsibility of the customer.
• B. It is the sole responsibility of AWS.
• C. It is a shared responsibility between AWS and the customer.
• D. The customer's AWS Support plan tier determines who manages the configuration.

Answer: B

Explanation:
According to the AWS shared responsibility model, AWS is responsible for the security of the cloud, which includes the virtualization layer down to the physical security of the facilities in which AWS services operate1. The customer is responsible for the security in the cloud, which includes the configuration and management of the AWS resources and applications that they use1.

NEW QUESTION 7

A company wants to develop a shopping application that records customer orders. The application needs to use an AWS managed database service to store data.
Which AWS service should the company use to meet these requirements?

• A. Amazon RDS
• B. Amazon Redshift
• C. Amazon ElastiCache
• D. Amazon Neptune

Answer: A

Explanation:
A is correct because Amazon RDS is the AWS service that provides a managed relational database service that supports various database engines, such as MySQL, PostgreSQL, Oracle, and SQL Server. B is incorrect because Amazon Redshift is the AWS service that provides a managed data warehouse service that is optimized for analytical queries. C is incorrect because Amazon ElastiCache is the AWS service that provides a managed in-memory data store service that supports Redis and Memcached. D is incorrect because Amazon Neptune is the AWS service that provides a managed graph database service that supports property graph and RDF models.

NEW QUESTION 8

Which AWS service uses AWS Compute Optimizer to provide sizing recommendations based on workload metrics?

• A. Amazon EC2
• B. Amazon RDS
• C. Amazon Lightsail
• D. AWS Step Functions

Answer: A

Explanation:
Amazon EC2 is a web service that provides secure, resizable compute capacity in the cloud. It allows you to launch virtual servers, called instances, with different configurations of CPU, memory, storage, and networking resources. AWS Compute Optimizer analyzes the specifications and utilization metrics of your Amazon EC2 instances and generates recommendations for optimal instance types that can reduce costs and improve performance. You can view the recommendations on the AWS Compute Optimizer console or the Amazon EC2 console12.
Amazon RDS, Amazon Lightsail, and AWS Step Functions are not supported by AWS Compute Optimizer. Amazon RDS is a managed relational database service that lets you set up, operate, and scale a relational database in the cloud. Amazon Lightsail is an easy- to-use cloud platform that offers everything you need to build an application or website, plus a cost-effective, monthly plan. AWS Step Functions lets you coordinate multiple AWS services into serverless workflows so you can build and update apps quickly3 .

NEW QUESTION 9

What does "security of the cloud" refer to in the AWS shared responsibility model?

• A. Availability of AWS services such as Amazon EC2
• B. Security of the cloud infrastructure that runs all the AWS services
• C. Implementation of password policies for IAM users
• D. Security of customer environments by using AWS Network Firewall partners

Answer: B

Explanation:
Security of the cloud refers to the security of the cloud infrastructure that runs all the AWS services. This includes the hardware, software, networking, and facilities that AWS operates and manages. AWS is responsible for protecting the security of the cloud as part of the AWS shared responsibility model. Availability of AWS services such as Amazon EC2 refers to the ability of the services to be up and running and to meet the expected performance. Availability is part of the reliability pillar of the AWS Well-Architected Framework and is a shared responsibility between AWS and the customer . Implementation of password policies for IAM users refers to the security of the customer data and applications in the cloud. This includes the configuration and management of IAM user permissions, encryption keys, security group rules, network ACLs, and other aspects of access management. The customer is responsible for protecting the security in the cloud as part of the AWS shared responsibility model. Security of customer environments by using AWS Network Firewall partners refers to the security of the customer data and applications in the cloud. AWS Network Firewall is a managed service that provides network protection for Amazon VPCs. It allows customers to use AWS Marketplace partners to implement firewall rules and policies. The customer is responsible for protecting the security in the cloud as part of the AWS shared responsibility model .

NEW QUESTION 10

Which perspective in the AWS Cloud Adoption Framework (AWS CAF) includes a capability for well-designed data and analytics architecture?

• A. Security
• B. Governance
• C. Operations
• D. Platform

Answer: D

Explanation:
The correct answer is D. Platform.
The Platform perspective in the AWS Cloud Adoption Framework (AWS CAF) includes a capability for well-designed data and analytics architecture. This capability helps you design, implement, and optimize your data and analytics solutions on AWS, using services such as Amazon S3, Amazon Redshift, Amazon EMR, Amazon Kinesis, Amazon Athena, and Amazon QuickSight. A well-designed data and analytics architecture enables you to collect, store, process, analyze, and visualize data from various sources, and derive insights that can drive your business decisions12.
The Security perspective does not include a capability for data and analytics architecture, but it does include a capability for data protection, which helps you secure your data at rest and in transit using encryption, key management, access control, and auditing13.
The Governance perspective does not include a capability for data and analytics architecture, but it does include a capability for data governance, which helps you manage the quality, availability, usability, integrity, and security of your data assets14.
The Operations perspective does not include a capability for data and analytics architecture, but it does include a capability for data operations, which helps you monitor, troubleshoot, and optimize the performance and availability of your data pipelines and workloads1 .
References:
1: Foundational capabilities - An Overview of the AWS Cloud Adoption Framework 2: [AWS Cloud Adoption Framework: Platform Perspective] 3: [AWS Cloud Adoption Framework: Security Perspective] 4: [AWS Cloud Adoption Framework: Governance Perspective] : [AWS Cloud Adoption Framework: Operations Perspective]

NEW QUESTION 11

Which of the following is entirely the responsibility of AWS, according to the AWS shared responsibility model?

• A. Security awareness and training
• B. Development of an IAM password policy
• C. Patching of the guest operating system
• D. Physical and environmental controls

Answer: D

Explanation:
Physical and environmental controls are entirely the responsibility of AWS, according to the AWS shared responsibility model. The AWS shared responsibility model defines the division of responsibilities between AWS and the customer for security and compliance. AWS is responsible for the security of the cloud, which includes the physical and environmental controls of the AWS global infrastructure, such as power, cooling, fire suppression, and physical access. The customer is responsible for the security in the cloud, which includes the configuration and management of the AWS resources and applications. For more information, see [AWS Shared Responsibility Model] and [AWS Cloud Security].

NEW QUESTION 12

A company is running an application on AWS. The company wants to identify and prevent the accidental
Which AWS service or feature will meet these requirements?

• A. Amazon GuardDuty
• B. Network ACL
• C. AWS WAF
• D. AWS Network Firewall

Answer: A

Explanation:
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3. With the cloud, the collection and aggregation of account and network activities is simplified, but it can be time consuming for security teams to continuously analyze event log data for potential threats. With GuardDuty, you can automate anomaly detection and get actionable findings to help you protect your AWS resources4.

NEW QUESTION 13

company wants to protect its AWS Cloud information, systems, and assets while performing risk assessment and mitigation tasks.
Which pillar of the AWS Well-Architected Framework is supported by these goals?

• A. Reliability
• B. Security
• C. Operational excellence
• D. Performance efficiency

Answer: B

Explanation:
The pillar of the AWS Well-Architected Framework that is supported by the goals of protecting AWS Cloud information, systems, and assets while performing risk assessment and mitigation tasks is security. Security is the ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies. The security pillar covers topics such as identity and access management, data protection, infrastructure protection, detective controls, incident response, and compliance

NEW QUESTION 14

Which of the following is a cost efficiency principle related to the AWS Cloud?

• A. Right-size services based on capacity requirements.
• B. Use the Billing Dashboard to access information about monthly bills.
• C. Use AWS Organizations to combine the expenses of multiple accounts into a single bill.
• D. Tag all AWS resources.

Answer: A

Explanation:
One of the cost efficiency principles related to the AWS Cloud is to right-size services based on capacity requirements. This means choosing the most appropriate type
and size of AWS resources to meet the performance and scalability needs of the applications, while avoiding over-provisioning or under-provisioning. By right-sizing services, users can optimize the costs and benefits of using the AWS Cloud1

NEW QUESTION 15

A company wants to generate a list of IAM users. The company also wants to view the status of various credentials that are associated with the users, such as password, access keys: and multi-factor authentication (MFA) devices
Which AWS service or feature will meet these requirements?

• A. IAM credential report
• B. AWS IAM Identity Center (AWS Single Sign-On)
• C. AWS Identity and Access Management Access Analyzer
• D. AWS Cost and Usage Report

Answer: A

Explanation:
An IAM credential report is a feature of AWS Identity and Access Management (IAM) that allows you to view and download a report that lists all IAM users in your account and the status of their various credentials, such as passwords, access keys, and MFA devices. You can use this report to audit the security status of your IAM users and ensure that they follow the best practices for credential
management1. References: 1: AWS Documentation - IAM User Guide - Getting credential reports for your AWS account

NEW QUESTION 16

A company does not want to rely on elaborate forecasting to determine its usage of compute resources. Instead, the company wants to pay only for the resources that it uses. The company also needs the ability to increase or decrease its resource usage to meet business requirements.
Which pillar of the AWS Well-Architected Framework aligns with these requirements?

• A. Operational excellence
• B. Security
• C. Reliability
• D. Cost optimization

Answer: D

Explanation:
Cost optimization is the pillar of the AWS Well-Architected Framework that aligns with the requirements of not relying on elaborate forecasting and paying only for the resources that are used. The cost optimization pillar focuses on the ability of a system to deliver business value at the lowest price point. Cost optimization involves using the right AWS services and resources for the workload, measuring and monitoring the cost and usage, and continuously improving the cost efficiency. Cost optimization also leverages the benefits of the AWS Cloud, such as pay-as-you-go pricing, elasticity, and scalability. For more information, see [Cost Optimization Pillar] and [Cost Optimization].

NEW QUESTION 17
......