part 1.pdf

Full Transcript

7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

- Expert Verified, Online, Free.

 Custom View Settings

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 1/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

Topic 1 - Exam A

Question #1 Topic 1

A company plans to use an Amazon Snowball Edge device to transfer files to the AWS Cloud.

Which activities related to a Snowball Edge device are available to the company at no cost?

A. Use of the Snowball Edge appliance for a 10-day period

B. The transfer of data out of Amazon S3 and to the Snowball Edge appliance

C. The transfer of data from the Snowball Edge appliance into Amazon S3

D. Daily use of the Snowball Edge appliance after 10 days

Correct Answer: C

Community vote distribution
A (80%) C (20%)

  www_dumpsvibe_com_1web Highly Voted  1 month ago

Selected Answer: A

A. Use of the Snowball Edge appliance for a 10-day period.
upvoted 29 times

  olivialiam6487 Highly Voted  1 week, 5 days ago

Selected Answer: A

A is correct answer ( t.ly/AWSCertifiedCloudPractitioner )
upvoted 11 times

  Carlos1812 Most Recent  1 day, 22 hours ago

Selected Answer: A

Topitexam-com A (no discussion)
upvoted 3 times

  Carlos1812 1 day, 22 hours ago
Selected Answer: A

A no discussions (topitexam.com)
upvoted 2 times

  seyef 3 days, 1 hour ago
C is correct answers exam still valid, took it today and all thanks ExamforSure.com
upvoted 1 times

  AmazonExams_com 4 days ago
AWS Inspector is designed to assess the security of your AWS resources only. Here you want to improve deployments with best practices. So, the
answer is Trusted Advisor
upvoted 1 times

  Amazon_Dumps_com 1 week, 2 days ago
Selected Answer: A

A is Valid ( AAAAAA )
upvoted 2 times

  griggrig 2 weeks, 5 days ago
You pay for device usage and data transfer out of AWS
Data transfer IN to Amazon S3 is $0.00 per GB
On-Demand
Includes a one-time service fee per job, which includes:
10 days of usage for Snowball Edge Storage Optimized 80TB
15 days of usage for Snowball Edge Storage Optimized 210TB
Shipping days are NOT counted towards the included 10 or 15 days
Pay per day for any additional days
upvoted 1 times

  hmj8805 3 weeks, 3 days ago
Selected Answer: C

from AWS web
* On-demand pricing includes a service fee per job, which includes 10 days of device use for SBE Snowball Edge Storage Optimized 80TB device.....
https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 2/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

* Data transfer IN to Amazon S3 is $0.00 per GB (except for small files as explained below).
So the better answer would be C.
Because use of the AWS Snowball Edge device is subject to an on-demand service fee, which includes 10 days of usage.
upvoted 2 times

  Certifiedumps 4 weeks ago

Selected Answer: A

The activities related to a Snowball Edge device that are available to the company at no cost are:

A. Use of the Snowball Edge appliance for a 10-day period
C. The transfer of data from the Snowball Edge appliance into Amazon S3

Typically, AWS does not charge for using the Snowball Edge appliance for a specified initial period (usually 10 days) and for importing data into
Amazon S3 from the Snowball Edge device. However, other activities such as data transfer out of Amazon S3 to the device and daily use of the
device beyond the initial 10-day period may incur additional costs.
upvoted 9 times

  MUTA 1 month, 1 week ago
When using an Amazon Snowball Edge device to transfer files to the AWS Cloud, there are several activities that are available to the company at no
additional cost. These include:

Data Transfer into Amazon S3:

Transferring data from the Snowball Edge device into Amazon S3 does not incur any charges. AWS does not charge for data ingestion into S3.
Device Shipping (Standard Shipping):

The cost of standard shipping to and from AWS is included in the service cost. This means that AWS covers the shipping charges for delivering the
Snowball Edge device to your location and returning it to AWS, provided you use the standard shipping option.
Data Transfer within Snowball Edge Device:

Moving data within the Snowball Edge device, such as transferring data to the device's local storage, is free of charge.
upvoted 1 times

  hatanaoki 2 months ago

Selected Answer: C

C is right answer.
upvoted 1 times

  pragnachowdary 2 months, 2 weeks ago
you will be charged for the data transfer and AWS service usage once the device is in use
transferring data to and from the snowball edge device is free within the same awsregion
however snowball devices incur data transfer charges if you transferr data between the regions or between the snowball edge device and other
AWS services outside the same region there are no additional charges for using it during the rental period typically 10 days for the snowball edge
storage optimized and 30 days for snowball edge computeoptimized
upvoted 2 times

  pragnachowdary 2 months, 2 weeks ago

Selected Answer: C

you will be charged for data transfer and AWS service usage once the device is in use.
transferring data to and from the snowball edge device is free within same AWS region
however snowball devices may incur data transfer charges if you transfer data between regions or between the snowball edge device and other
AWS services outside the same region there are no additional charges for using it during the rental period typically 10 days for snowball edge
storage optimized and 30 days for Snowball edge compute optimized.
upvoted 1 times

  RyeBread 3 months, 2 weeks ago
Just an FYI, be sure to study the material and use this as a second source. I saw maybe 15 questions from 384 available on this site on my exam.
Thankfully I used other material to learn and didn't rely on these questions. Definitely would have failed if this was my primary source of study. This
material is good to guage your knowledge but if you are looking for actual questions for the exam, this bank was not helpful. This is just my
experience. Others may have had a better experience. Use with caution.
upvoted 7 times

  buccanaquarter 4 weeks ago
Hey RyeBread what was your study material did you use?
upvoted 1 times

  vin66 3 months, 1 week ago
primary souce what it is?
upvoted 1 times

  mhieu 3 months, 2 weeks ago
what is your primary source of study ?
upvoted 1 times

  JavierEF 4 months, 2 weeks ago

Selected Answer: C

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 3/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

I just want to point out that answer B makes no sense, since the Snow devices have the purpose to get into an AWS storage data that are not
already there.
upvoted 1 times

  Ponnu87 4 months, 4 weeks ago

Selected Answer: C

Option C
upvoted 1 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 4/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

Question #2 Topic 1

A company has deployed applications on Amazon EC2 instances. The company needs to assess application vulnerabilities and must identify

infrastructure deployments that do not meet best practices.

Which AWS service can the company use to meet these requirements?

A. AWS Trusted Advisor

B. Amazon Inspector

C. AWS Config

D. Amazon GuardDuty

Correct Answer: B

Community vote distribution
B (92%) 8%

  www_dumpsvibe_com_1web Highly Voted  1 month ago

Selected Answer: B

B. Amazon Inspector
Explanation: Amazon Inspector assesses application vulnerabilities and identifies potential security issues in EC2 instances, helping ensure
infrastructure deployments meet best practices.
upvoted 29 times

  Nepton Highly Voted  8 months, 1 week ago

Amazon Inspector for Audit
CloudWatch for monitoring
Config for compliance
upvoted 13 times

  Web_AmazonExams Most Recent  1 week, 5 days ago

Selected Answer: B

Inspector is all about security assessments of AWS based applications and their configurations against known vulnerabilities. GuardDuty is all abou
continuously and automatically process different foundational data sources such as CloudTrail event logs, VPC flow logs and DNS logs to find
potential security threat over an entire AWS account not just only with applications and it also uses threat intelligence feeds, such as lists of
malicious IP addresses and domains, and machine learning to identify unexpected, potentially unauthorized, and malicious activity within AWS
environment. So as far as assessment is concerned Inspector is the right answer.
upvoted 1 times

  hatanaoki 2 months ago
Selected Answer: B

B is right answer.
upvoted 1 times

  chalaka 2 months, 1 week ago

Selected Answer: B

Amazon Inspector is specifically designed to assess the security of applications deployed on Amazon EC2 instances. It identifies vulnerabilities and
deviations from best practices, providing detailed findings that help improve the security posture of your applications. This makes it the most
suitable service for the company's need to assess application vulnerabilities and identify infrastructure deployments that do not meet best
practices.
upvoted 2 times

  BryanNkala 3 months, 2 weeks ago

Selected Answer: B

Amazon Inspector for checking any vulnerabilities
upvoted 2 times

  James_Srm 5 months, 2 weeks ago

Selected Answer: B

AWS Inspector automatically assess vulnerability and unintended network exposure. It assess based on known vulnerabilities and then notify to
AWS resources owner for remediate.
https://aws.amazon.com/inspector/features/?nc=sn&loc=2&refid=3da0c7fb-0599-4e9f-a78c-2df84cba096e
upvoted 3 times

  Ruffyit 6 months ago
Amazon Inspector is a cloud-based service that automatically detects security vulnerabilities in applications and infrastructures. It can identify
vulnerabilities in applications running on Amazon EC2 instances, as well as infrastructure deployments that do not adhere to best practices.

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 5/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

upvoted 1 times

  Johnver 6 months, 2 weeks ago

Selected Answer: B

Letter B
upvoted 1 times

  BShelat 6 months, 3 weeks ago

Selected Answer: B

Inspector is all about security assessments of AWS based applications and their configurations against known vulnerabilities. GuardDuty is all abou
continuously and automatically process different foundational data sources such as CloudTrail event logs, VPC flow logs and DNS logs to find
potential security threat over an entire AWS account not just only with applications and it also uses threat intelligence feeds, such as lists of
malicious IP addresses and domains, and machine learning to identify unexpected, potentially unauthorized, and malicious activity within AWS
environment. So as far as assessment is concerned Inspector is the right answer.
upvoted 4 times

  fguglia 7 months, 2 weeks ago

Selected Answer: A

For me A is the correct answer
upvoted 1 times

  bart97 3 months, 3 weeks ago
While a valuable tool, Trusted Advisor focuses on high-level cost optimization and security recommendations. It wouldn't provide the level of
detail needed for in-depth application vulnerability assessment or best practice checks for infrastructure deployments.
upvoted 3 times

  VikJo1978 7 months, 3 weeks ago
Selected Answer: B

The answer is B. Amazon Inspector.

Amazon Inspector is a cloud-based service that automatically detects security vulnerabilities in applications and infrastructures. It can identify
vulnerabilities in applications running on Amazon EC2 instances, as well as infrastructure deployments that do not adhere to best practices.
upvoted 1 times

  petercorn 8 months, 1 week ago

Selected Answer: B

Amazon Inspector is an automated vulnerability management service that continually scans AWS workloads for software vulnerabilities and
unintended network exposure.
The key word here is "vulnerabilities".
upvoted 2 times

  Nepton 8 months, 1 week ago
Amazon Inspector
upvoted 1 times

  Fulmi 8 months, 1 week ago

Selected Answer: A

AWS Inspector is designed to assess the security of your AWS resources only. Here you want to improve deployments with best practices. So, the
answer is Trusted Advisor
upvoted 3 times

  Olixpin 9 months, 1 week ago
Amazon Inspector is a Vulnerability Management Service which helps you to scan, assess risk score, identify high impact findings with dashboards.
upvoted 1 times

  Simonwub 9 months, 1 week ago
answer B: Amazon Inspector is an automated vulnerability management service that helps improve the security and compliance of applications
deployed on AWS. Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices. After
performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity.
upvoted 2 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 6/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

Question #3 Topic 1

A company has a centralized group of users with large file storage requirements that have exceeded the space available on premises. The

company wants to extend its file storage capabilities for this group while retaining the performance benefit of sharing content locally.

What is the MOST operationally efficient AWS solution for this scenario?

A. Create an Amazon S3 bucket for each user. Mount each bucket by using an S3 file system mounting utility.

B. Configure and deploy an AWS Storage Gateway file gateway. Connect each user’s workstation to the file gateway.

C. Move each user’s working environment to Amazon WorkSpaces. Set up an Amazon WorkDocs account for each user.

D. Deploy an Amazon EC2 instance and attach an Amazon Elastic Block Store (Amazon EBS) Provisioned IOPS volume. Share the EBS volume

directly with the users.

Correct Answer: B

Community vote distribution
B (100%)

  www_dumpsvibe_com_1web Highly Voted  1 month ago

Selected Answer: B

Option B: Configure and deploy an AWS Storage Gateway file gateway.
upvoted 30 times

  ShivaNagarajan Highly Voted  9 months, 2 weeks ago

Selected Answer: B

AWS Storage Gateway is a hybrid storage service
upvoted 6 times

  Web_AmazonExams Most Recent  1 week, 5 days ago

Selected Answer: B

B is correct
AWS Storage Gateway: Connect [on premises] with [AWS S3]
file gateway:one of the AWS Storage Gateway's interface
upvoted 1 times

  jeevagowtham 1 month ago
Allows you to seamlessly connect on-premises applications to cloud-based storage
upvoted 1 times

  Itzmelakshmikanth3108 4 months, 1 week ago
B. Configure and deploy an AWS Storage Gateway file gateway. Connect each user’s workstation to the file gateway.

Using an AWS Storage Gateway file gateway allows you to extend your on-premises file storage into the AWS Cloud seamlessly. It provides low-
latency access to your data stored in Amazon S3 while maintaining the performance benefits of local access. This solution enables centralized
management of storage while still allowing users to access files as if they were stored locally. Additionally, it eliminates the need for managing
individual S3 buckets for each user, simplifying administration and scalability.
upvoted 3 times

  Ruffyit 6 months ago
B is correct
AWS Storage Gateway: Connect [on premises] with [AWS S3]
file gateway:one of the AWS Storage Gateway's interface
upvoted 1 times

  ohoong 7 months, 2 weeks ago
Selected Answer: B

B is correct
upvoted 1 times

  Nepton 8 months, 1 week ago
Configure and deploy an AWS Storage Gateway file gateway. Connect each user’s workstation to the file gateway.
upvoted 2 times

  GSMUTTA 9 months ago
Looks like B is correct
upvoted 1 times

  SimonQY 9 months ago
https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 7/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

B is correct
AWS Storage Gateway: Connect [on premises] with [AWS S3]
file gateway:one of the AWS Storage Gateway's interface
upvoted 2 times

  kessio 9 months, 1 week ago
B is correct
upvoted 1 times

  Rotimija 9 months, 2 weeks ago
B is correct
upvoted 3 times

  ShivaNagarajan 9 months, 2 weeks ago
AWS Storage Gateway is a hybrid storage service
upvoted 2 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 8/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

Question #4 Topic 1

According to security best practices, how should an Amazon EC2 instance be given access to an Amazon S3 bucket?

A. Hard code an IAM user’s secret key and access key directly in the application, and upload the file.

B. Store the IAM user’s secret key and access key in a text file on the EC2 instance, read the keys, then upload the file.

C. Have the EC2 instance assume a role to obtain the privileges to upload the file.

D. Modify the S3 bucket policy so that any service can upload to it at any time.

Correct Answer: C

Community vote distribution
C (79%) D (21%)

  TheFivePips Highly Voted  6 months ago

Selected Answer: C

The recommended security best practice for giving an Amazon EC2 instance access to an Amazon S3 bucket is option C: Have the EC2 instance
assume a role to obtain the privileges to upload the file. This involves using AWS Identity and Access Management (IAM) roles to grant temporary
permissions to the EC2 instance, rather than hard-coding or storing access keys directly in the application or on the instance.

This approach enhances security by minimizing the exposure of long-term credentials and following the principle of least privilege. The EC2
instance assumes a role with specific permissions to interact with the S3 bucket, and AWS automatically rotates temporary credentials for the
instance.

Options A and B involve storing IAM user's secret keys on the EC2 instance, which is not recommended due to security risks. Option D, modifying
the S3 bucket policy to allow any service to upload to it at any time, is also not recommended as it may lead to security vulnerabilities and
compromises the principle of least privilege.
upvoted 5 times

  chalaka Most Recent  2 months, 3 weeks ago

Selected Answer: C

C. Have the EC2 instance assume a role to obtain the privileges to upload the file.

Using IAM roles and granting EC2 instances permissions to assume these roles is the best practice for managing access to AWS resources securely.
By assigning an IAM role to the EC2 instance and configuring the necessary permissions in the role's policy, you can ensure that the EC2 instance
has the appropriate permissions to access the S3 bucket without the need to hard code or store sensitive credentials on the instance. This
approach follows the principle of least privilege and enhances security by reducing the risk of exposure of access keys or secrets
upvoted 1 times

  chalaka 3 months ago

Selected Answer: C

C. Have the EC2 instance assume a role to obtain the privileges to upload the file. is correct.
upvoted 1 times

  Itzmelakshmikanth3108 4 months, 1 week ago
C. Have the EC2 instance assume a role to obtain the privileges to upload the file.

Using IAM roles to grant permissions to EC2 instances is a more secure and manageable method compared to hard coding or storing access keys
directly on the instance. By assigning an IAM role to the EC2 instance, you can define the necessary permissions for accessing the S3 bucket
without exposing any sensitive credentials. This follows the principle of least privilege, ensuring that the EC2 instance only has the permissions it
needs to perform its intended tasks, enhancing overall security posture.
upvoted 3 times

  Ruffyit 5 months, 4 weeks ago
The recommended security best practice for giving an Amazon EC2 instance access to an Amazon S3 bucket is option C: Have the EC2 instance
assume a role to obtain the privileges to upload the file. This involves using AWS Identity and Access Management (IAM) roles to grant temporary
permissions to the EC2 instance, rather than hard-coding or storing access keys directly in the application or on the instance.
upvoted 2 times

  Vasisht 7 months ago
Selected Answer: C

Option C is correct
upvoted 2 times

  ohoong 7 months, 2 weeks ago
Selected Answer: C

yes C is correct
upvoted 1 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 9/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

  Nepton 8 months, 1 week ago
Have the EC2 instance assume a role to obtain the privileges to upload the file.
upvoted 1 times

  lunamuller 9 months ago

Selected Answer: C

Answer is C.
upvoted 1 times

  ASDFDSAFDFA 9 months ago

Selected Answer: C

C obviously
upvoted 1 times

  parrtner73 9 months, 2 weeks ago
Selected Answer: C

C is the correct one
upvoted 1 times

  Anyio 9 months, 2 weeks ago
Selected Answer: C

You definitely need a role to access the S3 bucket as best practice!
https://repost.aws/knowledge-center/ec2-instance-access-s3-bucket#
upvoted 2 times

  Rotimija 9 months, 2 weeks ago
C is correct
upvoted 2 times

  ShivaNagarajan 9 months, 2 weeks ago
Selected Answer: D

https://repost.aws/knowledge-center/ec2-instance-access-s3-bucket#
upvoted 4 times

  Anyio 9 months, 2 weeks ago
You mean C dude!
upvoted 6 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 10/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

Question #5 Topic 1

Which option is a customer responsibility when using Amazon DynamoDB under the AWS Shared Responsibility Model?

A. Physical security of DynamoDB

B. Patching of DynamoDB

C. Access to DynamoDB tables

D. Encryption of data at rest in DynamoDB

Correct Answer: C

Community vote distribution
C (84%) D (16%)

  James_Srm Highly Voted  5 months, 2 weeks ago

Selected Answer: C

based on docs, AWS DynamoDB is automatically encrypted your data as default (but RDS you must turn on this feature by your self)
ref: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/EncryptionAtRest.html
ref: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html#Overview.Encryption.Determining
upvoted 11 times

  NIREI_AKANE Most Recent  1 month, 3 weeks ago

If Encryption is default in dynamodb. Then answer will be C. Access to dynamoDb table Right..
upvoted 1 times

  lucaschen9511 2 months ago

Selected Answer: C

Encryption is AWS's responsibility.
upvoted 1 times

  chalaka 3 months ago

Selected Answer: C

C. Access to DynamoDB tables

This means that customers are responsible for managing access control to their DynamoDB tables, including configuring IAM policies, roles, and
permissions to ensure that only authorized users or services can interact with the tables. This responsibility involves setting up appropriate
authentication and authorization mechanisms to protect the data stored in DynamoDB from unauthorized access.
upvoted 1 times

  Itzmelakshmikanth3108 4 months, 1 week ago
C. Access to DynamoDB tables

The customer is responsible for managing access control to their DynamoDB tables, including defining permissions, roles, and policies to control
who can access the tables and what actions they can perform. This involves setting up appropriate IAM policies and roles to restrict access to
authorized users and applications while adhering to security best practices.
upvoted 3 times

  Frank3108 4 months, 3 weeks ago
Selected Answer: D

Customers are responsible for managing their data (including encryption options), classifying their assets, and using IAM tools to apply the
appropriate permissions.
upvoted 1 times

  bd29 5 months, 1 week ago

Selected Answer: C

The customer is responsible for:
C. Access to DynamoDB tables
upvoted 1 times

  LinuxChamp 5 months, 1 week ago
C = CORRECT
upvoted 2 times

  Amaan101 5 months, 2 weeks ago

Selected Answer: C

C because why should aws has the power to control who will access the tables..🫠
upvoted 2 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 11/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

  Ruffyit 5 months, 4 weeks ago
Under the AWS Shared Responsibility Model, the responsibility for certain aspects of a service is divided between AWS and the customer.
Regarding Amazon DynamoDB:

The customer is responsible for:

C. Access to DynamoDB tables

This means that the customer is responsible for managing and controlling access to their DynamoDB tables, including setting up appropriate IAM
(Identity and Access Management) permissions and policies.
upvoted 1 times

  TheFivePips 6 months ago

Selected Answer: C

Under the AWS Shared Responsibility Model, the responsibility for certain aspects of a service is divided between AWS and the customer.
Regarding Amazon DynamoDB:

The customer is responsible for:

C. Access to DynamoDB tables

This means that the customer is responsible for managing and controlling access to their DynamoDB tables, including setting up appropriate IAM
(Identity and Access Management) permissions and policies.

AWS is responsible for:

A. Physical security of DynamoDB
B. Patching of DynamoDB
D. Encryption of data at rest in DynamoDB

AWS takes care of the physical infrastructure, patches and updates the DynamoDB service, and provides encryption mechanisms for data at rest. It'
important for customers to be aware of their responsibilities and configure access controls accordingly to ensure the security of their DynamoDB
tables.
upvoted 2 times

  BShelat 6 months, 3 weeks ago
Selected Answer: C

https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Introduction.html#:~:text=DynamoDB%20also%20offers%20encryption%
0at%20rest%2C%20which%20eliminates%20the%20operational%20burden%20and%20complexity%20involved%20in%20protecting%20sensitive%
20data.%20For%20more%20information%2C%20see%20DynamoDB%20encryption%20at%20rest.
upvoted 3 times

  AxiansPT 7 months, 1 week ago
Selected Answer: C

AWS database managed services already implement encryption at rest:
https://aws.amazon.com/pm/dynamodb/?gclid=Cj0KCQiA4Y-sBhC6ARIsAGXF1g62nH-
xwU3jA3Rijthg64iin_6g_SPOgCaHCeCDs1A7S1s6SxMbnfgaAt4AEALw_wcB&trk=bf64c969-685f-4fc4-b36b-
4bcbda56cee7&sc_channel=ps&ef_id=Cj0KCQiA4Y-sBhC6ARIsAGXF1g62nH-
xwU3jA3Rijthg64iin_6g_SPOgCaHCeCDs1A7S1s6SxMbnfgaAt4AEALw_wcB:G:s&s_kwcid=AL!4422!3!536324221413!p!!g!!dynamodb!12195830303!1
19606857400
upvoted 2 times

  ohoong 7 months, 2 weeks ago
Selected Answer: C

C is correct
upvoted 1 times

  VikJo1978 7 months, 3 weeks ago
Selected Answer: C

The answer is C. Access to DynamoDB tables.

Within the AWS Shared Responsibility Model, Amazon is responsible for the physical security of DynamoDB, patching DynamoDB, and encrypting
non-active data in DynamoDB. Customers are responsible for accessing DynamoDB tables.
upvoted 3 times

  axat 7 months, 3 weeks ago

Selected Answer: C

C. Access to DynamoDB tables

Under the AWS Shared Responsibility Model, customers are responsible for managing access to their resources, including controlling who has
access to their Amazon DynamoDB tables. This involves setting up and configuring AWS Identity and Access Management (IAM) policies to contro
authentication and authorization for DynamoDB.
upvoted 1 times

  Nepton 8 months, 1 week ago
Access to DynamoDB tables

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 12/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

upvoted 1 times

  Nepton 8 months, 1 week ago
DynamoDB is a managed NoSQL Database, at Rest and in Rest's data encryption will be the AWS's responsability.
upvoted 1 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 13/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

Question #6 Topic 1

Which option is a perspective that includes foundational capabilities of the AWS Cloud Adoption Framework (AWS CAF)?

A. Sustainability

B. Performance efficiency

C. Governance

D. Reliability

Correct Answer: C

Community vote distribution
C (100%)

  Snap67 Highly Voted  9 months ago

This question is outdated since document revision October 3, 2023
https://docs.aws.amazon.com/wellarchitected/latest/framework/document-revisions.html
Pillars:
- Operational excellence
- Security
- Reliability
- Performance efficiency
- Cost optimization
- Sustainability

"AWS CAF perspectives and foundational capabilities" is not used anymore.
upvoted 14 times

  Ruffyit Highly Voted  5 months, 3 weeks ago

There are 3 perspective options for AWS CAF
1-Business
2-People
3-Governance
https://aws.amazon.com/cloud-adoption-framework/
upvoted 6 times

  BobFar Most Recent  6 months ago

There are 3 perspective options for AWS CAF
1-Business
2-People
3-Governance
https://aws.amazon.com/cloud-adoption-framework/
upvoted 2 times

  TheFivePips 5 months, 4 weeks ago
lol, you need to scroll down a little more and read the additional 3 perspectives
upvoted 3 times

  BobFar 5 months, 2 weeks ago
You are right ,
here is more details

1. Governance: Establishes a structured approach to manage and govern AWS resources.
2. Security: Integrates best practices for securing AWS environments.
3. Cost Management: Provides guidelines for optimizing costs and managing budget effectively.
4. Operational Excellence: Focuses on operational efficiency and continuous improvement.
5. Reliability: Ensures the reliability of systems through well-architected design principles.
6. Performance Efficiency: Guides optimization of resources for optimal performance.
7. Resilience: Emphasizes building resilient systems that can withstand and recover from failures.
8. Alignment: Aligns business strategies and objectives with cloud initiatives.
9. Business Value: Maximizes the value derived from AWS services for organizational goals.
10. People and Culture: Addresses the cultural and skill aspects of cloud adoption.
upvoted 1 times

  TheFivePips 6 months ago
Selected Answer: C

A. Sustainability:

While sustainability is an important consideration, it is not typically associated with the foundational capabilities of the AWS Cloud Adoption
Framework (CAF). The AWS CAF focuses more on organizational readiness, governance, and best practices for adopting the AWS Cloud.

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 14/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

B. Performance efficiency:

Performance efficiency is related to optimizing the performance of workloads in the cloud. While important, it's not specifically a foundational
capability outlined in the AWS CAF.

C. Governance:

Governance is a foundational capability in the AWS CAF. It involves establishing and enforcing policies and controls to manage and optimize cloud
resources effectively. Governance in AWS CAF helps organizations maintain control, ensure compliance, and manage risks in their cloud
environment.

D. Reliability:

While reliability is crucial for cloud services, it's not explicitly mentioned as a foundational capability in the AWS CAF. However, reliability is often
addressed as part of best practices and operational considerations when adopting the AWS Cloud.
upvoted 1 times

  BShelat 6 months, 3 weeks ago

Selected Answer: C

CAF Capabilities and perspectives: BPS-GPO (Business, People, Security) - (Governance, Platform, Operations)

https://aws.amazon.com/cloud-adoption-framework/
upvoted 1 times

  stheno 7 months ago

Selected Answer: C

Business, People, Governance, Platform, Security and Operations.
upvoted 3 times

  Snap67 8 months, 3 weeks ago

Selected Answer: C

Sorry, mixed up Cloud Adapter Framework (CAF) and Well Architected.
upvoted 2 times

  Anyio 9 months, 2 weeks ago

Selected Answer: C

C is the correct answer!

The 6 AWS CAF perspectives are: Business, People, Governance, Platform, Security and Operations.
https://abhi0751.medium.com/aws-cloud-adoption-framework-aws-caf-a512b89dbcba
upvoted 3 times

  Ailil 9 months, 2 weeks ago
Selected Answer: C

Only the c response perspective.

https://docs.aws.amazon.com/whitepapers/latest/aws-caf-governance-perspective/appendix-aws-caf-perspectives-and-foundational-
capabilities.html
upvoted 3 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 15/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

Question #7 Topic 1

A company is running and managing its own Docker environment on Amazon EC2 instances. The company wants an alternative to help manage

cluster size, scheduling, and environment maintenance.

Which AWS service meets these requirements?

A. AWS Lambda

B. Amazon RDS

C. AWS Fargate

D. Amazon Athena

Correct Answer: C

Community vote distribution
C (100%)

  BobFar Highly Voted  5 months, 2 weeks ago

The Anaswer is C, AWS Fargate
AWS Fargate: A technology that you can use with Amazon ECS to run containers without having to manage servers or clusters of Amazon EC2
instances.
AWS Lambda: A serverless service to enable developers to run code without provisioning.
AWS RDS : Fully managed relational database service.
AWS Athena: An interactive query service that makes it simple to analyze data directly in Amazon S3 using standard SQL.
upvoted 9 times

  Parthkumar Most Recent  2 months ago

Selected Answer: C

AWS Fargate : Compute service for containers
upvoted 1 times

  Itzmelakshmikanth3108 4 months, 1 week ago
C. AWS Fargate

AWS Fargate is a compute engine for Amazon ECS (Elastic Container Service) that allows you to run containers without having to manage the
underlying infrastructure. With AWS Fargate, you can specify and pay for resources per application, improving efficiency and scalability. It handles
cluster management, scaling, and maintenance tasks, allowing you to focus on deploying and managing your containers and applications.
Therefore, AWS Fargate is an excellent alternative for managing Docker environments on EC2 instances while abstracting away the complexities of
infrastructure management.
upvoted 3 times

  Ruffyit 5 months, 3 weeks ago
AWS Fargate is a serverless compute engine for containers that lets you run containers without managing the underlying infrastructure. It simplifie
the process of managing clusters, scheduling tasks, and handling environment maintenance for containerized applications. With AWS Fargate, you
only need to focus on your containers and applications, and AWS takes care of the underlying infrastructure. This makes it a suitable alternative for
companies looking to simplify container management on Amazon EC2 instances.
upvoted 2 times

  TheFivePips 6 months ago

Selected Answer: C

AWS Fargate is a serverless compute engine for containers that lets you run containers without managing the underlying infrastructure. It simplifie
the process of managing clusters, scheduling tasks, and handling environment maintenance for containerized applications. With AWS Fargate, you
only need to focus on your containers and applications, and AWS takes care of the underlying infrastructure. This makes it a suitable alternative for
companies looking to simplify container management on Amazon EC2 instances.
upvoted 4 times

  BShelat 6 months, 3 weeks ago
Selected Answer: C

https://docs.aws.amazon.com/AmazonECS/latest/userguide/what-is-fargate.html

AWS Fargate is a technology that you can use with Amazon ECS to run containers without having to manage servers or clusters of Amazon EC2
instances. With Fargate, you no longer have to provision, configure, or scale clusters of virtual machines to run containers. This removes the need
to choose server types, decide when to scale your clusters, or optimize cluster packing.
upvoted 4 times

  stheno 7 months ago

Selected Answer: C

Serverless compute for containers
upvoted 1 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 16/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

  YSJ_VIT 7 months, 1 week ago

Selected Answer: C

Fargate is the right answer :)
it's a hands-off way :)
upvoted 1 times

  Mefre7 8 months, 2 weeks ago
Answer is c
upvoted 1 times

  lunamuller 9 months ago
Selected Answer: C

Answer is C. AWS Fargate.
upvoted 1 times

  Anyio 9 months, 2 weeks ago

Selected Answer: C

C is the correct answer!

AWS Fargate is a serverless, pay-as-you-go compute engine that lets you focus on building applications without managing servers. AWS Fargate is
compatible with both Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS).
https://aws.amazon.com/fargate/
upvoted 3 times

  liubomir4o 9 months, 2 weeks ago
C -Fargate https://aws.amazon.com/fargate/
upvoted 2 times

  aragon_saa 9 months, 2 weeks ago
C
https://aws.amazon.com/ko/fargate/?nc2=type_a
upvoted 1 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 17/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

Question #8 Topic 1

A company wants to run a NoSQL database on Amazon EC2 instances.

Which task is the responsibility of AWS in this scenario?

A. Update the guest operating system of the EC2 instances.

B. Maintain high availability at the database layer.

C. Patch the physical infrastructure that hosts the EC2 instances.

D. Configure the security group firewall.

Correct Answer: C

Community vote distribution
C (94%) 6%

  AdrianMonter26 Highly Voted  9 months, 1 week ago

Selected Answer: C

A is incorrect because when we set up an instance of ec2 we choose the operating system.
B is incorrect because we are configuring and running the database on the ec2 instances so that would be our responsibility.
D is incorrect because the firewall rules are our job.
C is correct because the physical infrastructure where the ec2 instances run is amazon's responsibility
upvoted 16 times

  TheFivePips Highly Voted  6 months ago

Selected Answer: C

A. Update the guest operating system of the EC2 instances:

Responsibility of the customer: Customers are responsible for managing the software environment within their EC2 instances, including updating
the guest operating system.

B. Maintain high availability at the database layer:

Shared responsibility: While AWS ensures high availability at the infrastructure level, customers are responsible for configuring and managing the
database layer to achieve high availability. This involves setting up replication, failover mechanisms, and ensuring that the database software is
configured appropriately.

C. Patch the physical infrastructure that hosts the EC2 instances:

Responsibility of AWS: AWS manages the physical infrastructure, including patching and updates at the hardware level. Customers do not have
direct control over the physical infrastructure.

D. Configure the security group firewall:

Responsibility of the customer: Security groups are a customer-managed feature that controls inbound and outbound traffic to and from EC2
instances. Customers are responsible for configuring security groups to meet their specific security requirements.
upvoted 6 times

  docoumn Most Recent  2 months, 2 weeks ago

agree, C is correct because the physical infrastructure where the ec2 instances run is amazon's responsibility
upvoted 1 times

  Itzmelakshmikanth3108 4 months, 1 week ago
C. Patch the physical infrastructure that hosts the EC2 instances.

AWS is responsible for maintaining and patching the physical infrastructure, including the servers and networking equipment that host EC2
instances. This responsibility falls under the AWS shared responsibility model for infrastructure services. However, tasks such as updating the guest
operating system of the EC2 instances (Option A), maintaining high availability at the database layer (Option B), and configuring the security group
firewall (Option D) are typically the responsibility of the customer.
upvoted 1 times

  VaibsLearning 4 months, 2 weeks ago

Selected Answer: B

In the scenario where a company is running a NoSQL database on Amazon EC2 instances, AWS would be responsible for maintaining high
availability at the infrastructure level, which includes ensuring the physical infrastructure and underlying virtualization layer are operational and
redundant.

Therefore, the correct answer is:

B. Maintain high availability at the database layer.

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 18/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

upvoted 1 times

  Ruffyit 5 months, 3 weeks ago
A is incorrect because when we set up an instance of ec2 we choose the operating system.
B is incorrect because we are configuring and running the database on the ec2 instances so that would be our responsibility.
D is incorrect because the firewall rules are our job.
C is correct because the physical infrastructure where the ec2 instances run is amazon's responsibility
upvoted 1 times

  stheno 7 months ago
Selected Answer: C

DB layer is belongs to customer
upvoted 1 times

  Edi21 7 months, 2 weeks ago
Is it possible that this question has multiple answers? Can be A,

"AWS typically abstracts the physical infrastructure management, providing a higher-level service where users manage instances, databases, and
configurations on top of the AWS-provided infrastructure."

"In the context of running a NoSQL database on EC2 instances, AWS's responsibilities generally include ensuring high availability at the
infrastructure level, maintaining security group configurations (firewalls), and managing underlying host operating system updates. So, option C
might not be solely correct in this scenario."
upvoted 1 times

  MiniYang 8 months, 3 weeks ago
I thought B and C both are correct answer.
If I had to choose only one answer, I would choose option B, which is to maintain high availability at the database layer. This is because, while AWS
is responsible for patching the physical infrastructure that hosts the EC2 instances, maintaining high availability at the database layer is a critical
task that requires specialized knowledge and expertise. AWS provides a range of services and features to help ensure high availability, such as
automatic failover, data replication, and load balancing, which are specifically designed to help customers run highly available databases on their
EC2 instances.
upvoted 1 times

  lunamuller 9 months ago
Selected Answer: C

Answer is C. Physical infrastructure.
upvoted 1 times

  cnoodle 9 months, 1 week ago
Selected Answer: C

the physical infrastructure of AWS is something that has to be done by AWS.
upvoted 3 times

  Mohammed_Kamal 9 months, 2 weeks ago

Selected Answer: C

No mention for DynamoDB. so we can't assume data is replicated across AZs
upvoted 3 times

  parrtner73 9 months, 2 weeks ago

Selected Answer: C

https://pupuweb.com/answer-explained-which-task-responsibility-aws-run-nosql-database-amazon-ec2-instances/
upvoted 1 times

  Anyio 9 months, 2 weeks ago

Selected Answer: C

The answer is C. Patch the physical infrastructure that hosts the EC2 instances.
Guest operating system is always responsibility of customer and host of AWS.
https://aws.amazon.com/compliance/shared-responsibility-model/
upvoted 1 times

  inkedia3 9 months, 2 weeks ago

Selected Answer: B

Since you running the NoSQL AWS is only responsible for maintaining high availability..
upvoted 1 times

  Anyio 9 months, 2 weeks ago
NoSQL database on Amazon EC2 instances. This is no DynamoDB but its a NoSQL Database in an EC2 instance. AWS has no business with what
you host on an Instance particularly third party software....The Answer is C.
upvoted 3 times

  adminj1 9 months, 2 weeks ago
Answer: B
upvoted 2 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 19/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

  NayeraB 9 months, 2 weeks ago
AWS provides the underlying infrastructure, but ensuring high availability at the database layer, such as implementing replication, clustering, or
failover mechanisms, is typically the responsibility of the user. So answer is C
upvoted 3 times

  maymaythar68 8 months, 2 weeks ago
Got the point with the right answer!
upvoted 1 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 20/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

Question #9 Topic 1

Which AWS services or tools can identify rightsizing opportunities for Amazon EC2 instances? (Choose two.)

A. AWS Cost Explorer

B. AWS Billing Conductor

C. Amazon CodeGuru

D. Amazon SageMaker

E. AWS Compute Optimizer

Correct Answer: AE

Community vote distribution
AE (93%) 7%

  Certifiedumps 4 weeks ago

Selected Answer: E

Certifiedumps

The AWS services or tools that can identify rightsizing opportunities for Amazon EC2 instances are:

A. AWS Cost Explorer
E. AWS Compute Optimizer

Both AWS Cost Explorer and AWS Compute Optimizer provide insights and recommendations to help optimize and rightsize your Amazon EC2
instances based on usage patterns and performance metrics.
upvoted 1 times

  Itzmelakshmikanth3108 4 months, 1 week ago
A. AWS Cost Explorer
E. AWS Compute Optimizer

AWS Cost Explorer provides cost management tools that allow you to analyze your AWS spending, including EC2 instance usage. While it doesn't
directly provide rightsizing recommendations, it offers insights into your usage patterns, which can inform rightsizing decisions.

AWS Compute Optimizer analyzes your Amazon EC2 usage patterns and provides recommendations for rightsizing your EC2 instances, helping you
optimize performance and reduce costs. It considers factors such as CPU utilization, memory utilization, and network throughput to make
recommendations tailored to your workload.
upvoted 2 times

  BobFar 5 months, 2 weeks ago
AE is correct. AWS Cost Explorer & AWS Compute Optimizer
- AWS Cost Explorer: Allows customers to monitor their AWS cost and usage at a resource level to identify cost drivers.
- AWS Billing Conductor: A customizable billing service, allowing you to customize your billing data to match your desired showback or chargebac
business logic
- Amazon CodeGuru: A machine learning-powered developer tool that provides automated code reviews and identifies performance optimizations
in your Java, Python,Scala, Cotlin ,....
- AWS Compute Optimizer: Get recommendations to optimize your use of AWS resources (rightsizing)
- Amazon SageMaker: A cloud based machine-learning platform that allows the creation, training, and deployment by developers of machine-
learning (ML) models on the cloud.
upvoted 2 times

  Ruffyit 5 months, 3 weeks ago
A. AWS Cost Explorer

AWS Cost Explorer provides cost and usage reports, allowing you to analyze your historical costs and usage patterns. While it doesn't directly
identify rightsizing opportunities, it can help you understand your current spending and identify areas where rightsizing might be beneficial.

E. AWS Compute Optimizer

AWS Compute Optimizer is a service that recommends optimal AWS resources for your workloads. It analyzes the historical utilization of your
Amazon EC2 instances and provides recommendations for rightsizing, which involves changing the instance type to a better fit based on the
workload's requirements.
upvoted 1 times

  TheFivePips 6 months ago
Selected Answer: AE

A. AWS Cost Explorer

AWS Cost Explorer provides cost and usage reports, allowing you to analyze your historical costs and usage patterns. While it doesn't directly
https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 21/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

identify rightsizing opportunities, it can help you understand your current spending and identify areas where rightsizing might be beneficial.

E. AWS Compute Optimizer

AWS Compute Optimizer is a service that recommends optimal AWS resources for your workloads. It analyzes the historical utilization of your
Amazon EC2 instances and provides recommendations for rightsizing, which involves changing the instance type to a better fit based on the
workload's requirements.

B. AWS Billing Conductor

There is no service called AWS Billing Conductor.

C. Amazon CodeGuru

Amazon CodeGuru is a service for automated code reviews and application performance recommendations. It is not specifically designed for
identifying rightsizing opportunities.

D. Amazon SageMaker

Amazon SageMaker is a service for building, training, and deploying machine learning models.
upvoted 3 times

  [Removed] 5 months, 1 week ago
AWS Billing Conductor is a customizable billing service, allowing you to customize your billing data to match your desired showback or
chargeback business logic.
upvoted 1 times

  BShelat 6 months, 3 weeks ago
Selected Answer: AE

https://docs.aws.amazon.com/cost-management/latest/userguide/ce-rightsizing.html
https://docs.aws.amazon.com/compute-optimizer/latest/ug/rightsizing-preferences.html
upvoted 2 times

  passgreenearth 8 months, 2 weeks ago

Selected Answer: AE

The answer is AE
upvoted 1 times

  lunamuller 9 months ago

Selected Answer: AE

Answers AE are correct.
upvoted 1 times

  GSMUTTA 9 months ago
hmm... AE
upvoted 1 times

  Hamdos 9 months, 1 week ago
What is billing conductor?
upvoted 1 times

  Anyio 9 months, 2 weeks ago
Selected Answer: AE

The answer is AE.
https://docs.aws.amazon.com/cost-management/latest/userguide/ce-rightsizing.html
https://aws.amazon.com/compute-optimizer/
upvoted 4 times

  inkedia3 9 months, 2 weeks ago
Selected Answer: AE

https://docs.aws.amazon.com/cost-management/latest/userguide/ce-rightsizing.html
https://aws.amazon.com/compute-optimizer/
upvoted 2 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 22/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

Question #10 Topic 1

Which of the following are benefits of using AWS Trusted Advisor? (Choose two.)

A. Providing high-performance container orchestration

B. Creating and rotating encryption keys

C. Detecting underutilized resources to save costs

D. Improving security by proactively monitoring the AWS environment

E. Implementing enforced tagging across AWS resources

Correct Answer: CD

Community vote distribution
CD (100%)

  isaphiltrick Highly Voted  9 months, 2 weeks ago

C & D are correct.

Benefits of Trusted Advisor:
Cost optimization - Trusted Advisor can help you save cost with actionable recommendations by analyzing usage, configuration and spend.
Performance - Trusted Advisor can help improve the performance of your services with actionable recommendations by analyzing usage and
configuration.
Security - Trusted Advisor can help improve the security of your AWS environment by suggesting foundational security best practices curated by
security experts.
Fault tolerance - Trusted Advisor can help improve the reliability of your services.
Service quotas - Service quotas are the maximum number of resources that you can create in an AWS account.

Reference: https://aws.amazon.com/premiumsupport/technology/trusted-advisor/
upvoted 11 times

  docoumn Most Recent  2 months, 2 weeks ago

C & D are correct.
upvoted 1 times

  Itzmelakshmikanth3108 4 months, 1 week ago
C. Detecting underutilized resources to save costs: AWS Trusted Advisor provides recommendations for optimizing your AWS infrastructure,
including identifying underutilized resources that you can potentially downgrade or terminate to save costs.

D. Improving security by proactively monitoring the AWS environment: Trusted Advisor also offers security recommendations, helping you enhance
security by identifying potential security vulnerabilities, misconfigurations, and best practices for your AWS environment.

So, the correct options are C and D.
upvoted 1 times

  Ruffyit 5 months, 3 weeks ago
C & D are correct.

Benefits of Trusted Advisor:
Cost optimization - Trusted Advisor can help you save cost with actionable recommendations by analyzing usage, configuration and spend.
Performance - Trusted Advisor can help improve the performance of your services with actionable recommendations by analyzing usage and
configuration.
Security - Trusted Advisor can help improve the security of your AWS environment by suggesting foundational security best practices curated by
security experts.
Fault tolerance - Trusted Advisor can help improve the reliability of your services.
Service quotas - Service quotas are the maximum number of resources that you can create in an AWS account.

Reference: https://aws.amazon.com/premiumsupport/technology/trusted-advisor/
upvoted 1 times

  TheFivePips 6 months ago
Selected Answer: CD

C. Detecting underutilized resources to save costs

AWS Trusted Advisor provides recommendations for optimizing your AWS resources, including identifying underutilized resources. This can help
you save costs by eliminating unnecessary or idle resources.

D. Improving security by proactively monitoring the AWS environment

AWS Trusted Advisor includes security checks that proactively monitor your AWS environment. It provides recommendations to help improve
security by identifying potential security vulnerabilities and misconfigurations.
https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 23/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

upvoted 1 times

  stheno 7 months ago

Selected Answer: CD

CD is correct
upvoted 1 times

  impetus888 8 months ago
CD is correct
upvoted 2 times

  tlrosen 8 months, 1 week ago

Selected Answer: CD

for sure
upvoted 1 times

  lunamuller 9 months ago
Selected Answer: CD

Answers CD are correct.
upvoted 1 times

  Anyio 9 months, 2 weeks ago
Selected Answer: CD

Answer is CD.
Reference: https://aws.amazon.com/premiumsupport/technology/trusted-advisor/
upvoted 1 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 24/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

Question #11 Topic 1

Which of the following is an advantage that users experience when they move on-premises workloads to the AWS Cloud?

A. Elimination of expenses for running and maintaining data centers

B. Price discounts that are identical to discounts from hardware providers

C. Distribution of all operational controls to AWS

D. Elimination of operational expenses

Correct Answer: A

Community vote distribution
A (100%)

  XuanWrei 1 month, 1 week ago

Selected Answer: A

A. Elimination of expenses for running and maintaining data center
upvoted 1 times

  Kessel 4 months ago

Selected Answer: A

A. Elimination of expenses for running and maintaining data centers

Don't want to nit-pick, but technically you are still paying AWS for the expenses of running their datacenters, it's just that the costs are embedded
in their pricing. Of course economies of scale make this a no brainer.
upvoted 1 times

  Itzmelakshmikanth3108 4 months, 1 week ago
A. Elimination of expenses for running and maintaining data centers

Moving on-premises workloads to the AWS Cloud can indeed lead to the elimination of expenses associated with running and maintaining data
centers. This includes costs related to infrastructure maintenance, facility management, hardware upgrades, electricity, cooling, and physical
security. By leveraging cloud services, organizations can offload these responsibilities to the cloud provider, resulting in reduced operational
expenses and allowing them to focus more on their core business objectives.
upvoted 1 times

  Ruffyit 5 months, 3 weeks ago
A. Elimination of expenses for running and maintaining data centers
upvoted 1 times

  TheFivePips 6 months ago

Selected Answer: A

A. Elimination of expenses for running and maintaining data centers

Moving to the AWS Cloud allows users to leverage AWS's infrastructure, eliminating the need for organizations to run and maintain their own data
centers. This shift can lead to cost savings, improved scalability, and increased flexibility.

Options B, C, and D are not accurate:

B. Price discounts that are identical to discounts from hardware providers

AWS provides its pricing model, and while cost savings can be achieved by leveraging cloud services, the pricing structure is different from
traditional hardware providers.

C. Distribution of all operational controls to AWS

While AWS manages the underlying infrastructure, users still retain control over the operational aspects of their applications and services. It's a
shared responsibility model, where AWS manages certain aspects, and users manage others.

D. Elimination of operational expenses

While there may be cost savings, it's not accurate to say that all operational expenses are eliminated. Users are still responsible for managing and
optimizing their cloud resources, applications, and configurations.
upvoted 1 times

  alok83 7 months ago
A is correct
upvoted 1 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 25/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

  stheno 7 months ago

Selected Answer: A

* Trade fixed expense for variable expense
* Benefit from massive economies of scale
* Stop guessing capacity
* Increase speed and agility
* Stop spending money running and maintaining data centers
* Go global in minutes
upvoted 2 times

  Mefre7 8 months, 1 week ago

Selected Answer: A

A is correct
upvoted 1 times

  asdfcdsxdfc 8 months, 3 weeks ago

Selected Answer: A

A looks correct
upvoted 1 times

  lunamuller 9 months ago
Selected Answer: A

Answer A is correct.
upvoted 1 times

  Anyio 9 months, 2 weeks ago
Selected Answer: A

A. Elimination of expenses for running and maintaining data centers.
https://docs.aws.amazon.com/whitepapers/latest/aws-overview/six-advantages-of-cloud-computing.html
upvoted 2 times

  isaphiltrick 9 months, 2 weeks ago
A is correct.

Reference: https://docs.aws.amazon.com/whitepapers/latest/aws-overview/six-advantages-of-cloud-computing.html
upvoted 2 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 26/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

Question #12 Topic 1

A company wants to manage deployed IT services and govern its infrastructure as code (IaC) templates.

Which AWS service will meet this requirement?

A. AWS Resource Explorer

B. AWS Service Catalog

C. AWS Organizations

D. AWS Systems Manager

Correct Answer: B

Community vote distribution
B (86%) 14%

  Anyio Highly Voted  9 months, 2 weeks ago

Selected Answer: B

The answer is B.

AWS Service Catalog lets you centrally manage your cloud resources to achieve governance at scale of your infrastructure as code (IaC) templates,
written in CloudFormation or Terraform configurations. With AWS Service Catalog, you can meet your compliance requirements while making sure
your customers can quickly deploy the cloud resources they need.
https://aws.amazon.com/servicecatalog/
upvoted 17 times

  Syl34 Most Recent  2 months, 1 week ago

Selected Answer: B

The answer is B : Create, share, organize, and govern your curated IaC templates
https://aws.amazon.com/servicecatalog/
upvoted 1 times

  chalaka 3 months ago
Selected Answer: B

B. AWS Service Catalog

AWS Service Catalog allows organizations to create and manage catalogs of IT services that are approved for use on AWS. It enables administrator
to centrally manage and govern IT services, including infrastructure as code templates, ensuring compliance with organizational policies and
standards.
upvoted 1 times

  LinuxChamp 5 months, 1 week ago
B = CORRECT
upvoted 1 times

  BobFar 5 months, 2 weeks ago
The answer is B , AWS Service Catalog

- AWS Resource Explorer: Search for and discover relevant resources across AWS
- AWS Service Catalog: Create, share, organize, and govern your curated IaC templates
- AWS Organizations: An account management service that lets you consolidate multiple AWS accounts into an organization and centrally manage
- AWS Systems Manager: Manage your resources on AWS and in multicloud and hybrid environments.
upvoted 3 times

  Ruffyit 5 months, 3 weeks ago
AWS Service Catalog lets you centrally manage your cloud resources to achieve governance at scale of your infrastructure as code (IaC) templates,
written in CloudFormation or Terraform configurations. With AWS Service Catalog, you can meet your compliance requirements while making sure
your customers can quickly deploy the cloud resources they need.
https://aws.amazon.com/servicecatalog/
upvoted 1 times

  TheFivePips 6 months ago

Selected Answer: B

B. AWS Service Catalog

AWS Service Catalog enables organizations to create and manage catalogs of IT services that are approved for use on AWS. It allows you to
centrally manage and govern the deployment of AWS resources, including IaC templates. With AWS Service Catalog, you can control access, ensure
compliance, and manage the lifecycle of deployed services.

Options A, C, and D are not specifically designed for managing deployed IT services and governing infrastructure as code:
https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 27/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

A. AWS Resource Explorer

AWS Resource Explorer is a tool for exploring, understanding, and querying your AWS resources.

C. AWS Organizations

AWS Organizations helps you consolidate multiple AWS accounts into an organization.

D. AWS Systems Manager

AWS Systems Manager provides a suite of tools for managing AWS infrastructure at scale. While it is useful for managing operational tasks, it is no
specifically designed for governing infrastructure as code or managing IT services.
upvoted 2 times

  BShelat 6 months, 3 weeks ago

Selected Answer: B

https://aws.amazon.com/servicecatalog/#:~:text=AWS%20Service%20Catalog%20lets%20you%20centrally%20manage%20your%20cloud%20resou
rces%20to%20achieve%20governance%20at%20scale%20of%20your%20infrastructure%20as%20code%20(IaC)%20templates%2C
upvoted 1 times

  Ashisohail 7 months ago
Selected Answer: B

https://aws.amazon.com/servicecatalog/
upvoted 1 times

  alok83 7 months ago

Selected Answer: B

Option B is correct
upvoted 1 times

  stheno 7 months ago

Selected Answer: B

AWS Service Catalog allows you to create and manage catalogs of IT services that are approved for use on AWS. It helps you achieve consistent
governance and meet compliance requirements while enabling users to quickly deploy only the approved IT services they need. Service Catalog
lets you centrally manage commonly deployed IT services, achieve consistent governance, and help meet your compliance requirements.
upvoted 1 times

  Oripresa 7 months, 2 weeks ago

Selected Answer: B

Si el código abierto de Terraform o Terraform Cloud es su herramienta de IaC preferida, puede utilizar Service Catalog para ofrecer a sus equipos e
aprovisionamiento automático de las configuraciones de Terraform. Si utiliza una combinación de configuraciones de CloudFormation y Terraform
en diferentes equipos o casos de uso, ahora puede utilizar AWS Service Catalog como la única herramienta para catalogar y compartir ambas. Para
sus usuarios finales, AWS Service Catalog proporciona una interfaz común y fácil de usar para ver y aprovisionar recursos independientemente de
la tecnología de IaC.
upvoted 1 times

  VikJo1978 7 months, 3 weeks ago
Selected Answer: D

The correct answer is AWS Systems Manager.

AWS Service Catalog is a good service for managing provisioned IT services, but it does not offer support for IaC. AWS Systems Manager, on the
other hand, offers a range of features that make it easy to manage provisioned IT services and manage infrastructure as code templates.
upvoted 2 times

  BShelat 6 months, 3 weeks ago
Company wants to "GOVERN" IaC templates. One cannot "GOVERN" IaC templates through AWS Systems Manager. Through AWS Service
Catalog one can achieve governance at IaC templates level.

https://aws.amazon.com/servicecatalog/#:~:text=AWS%20Service%20Catalog%20lets%20you%20centrally%20manage%20your%20cloud%20re
sources%20to%20achieve%20governance%20at%20scale%20of%20your%20infrastructure%20as%20code%20(IaC)%20templates%2C
upvoted 2 times

  c589e91 7 months, 3 weeks ago
B
https://aws.amazon.com/servicecatalog/
upvoted 2 times

  axat 7 months, 3 weeks ago

Selected Answer: B

B. AWS Service Catalog

AWS Service Catalog is the service that enables a company to manage deployed IT services and govern its infrastructure as code (IaC) templates.
AWS Service Catalog allows organizations to create and manage catalogs of IT services that are approved for use on AWS. It helps centralize and
manage the provisioning of resources and applications based on predefined templates.
upvoted 2 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 28/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

  lunamuller 9 months ago

Selected Answer: B

Answer B is correct.
upvoted 1 times

  parrtner73 9 months, 2 weeks ago

Selected Answer: B

Key word is govern.
https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html
upvoted 2 times

https://www.examtopics.com/exams/amazon/aws-certified-cloud-practitioner-clf-c02/custom-view/ 29/643
7/28/24, 4:32 PM AWS Certified Cloud Practitioner CLF-C02 Exam - Free Exam Q&As, Page 1 | ExamTopics

Question #13 Topic 1

Which AWS service or tool helps users visualize, understand, and manage spending and usage over time?

A. AWS Organizations

B. AWS Pricing Calculator

C. AWS Cost Explorer

D. AWS Service Catalog

Correct Answer: C

Community vote distribution
C (100%)

  TylerKiro Highly Voted  8 months, 1 week ago

What helps me is saying "to Explore is to visualize and a Calculator is to estimate."
upvoted 13 times

  Ruffyit Highly Voted  5 months, 3 weeks ago

A. AWS Organizations: Manages multiple AWS accounts in an organization, aiding in billing and cost allocation. Not focused on detailed spending
visualization.

B. AWS Pricing Calculator: Estimates AWS service costs based on configurations. Lacks detailed historical spending and usage insights.

C. AWS Cost Explorer: Visualizes, understands, and manages AWS spending and usage over time. Provides detailed insights, historical data, and
forecasting.

D. AWS Service Catalog: Manages approved IT service catalogs but doesn't focus on detailed cost visualization.
upvoted 5 times

  TheFivePips Most Recent  6 months ago

Selected Answer: C

A. AWS Organizations: Manages multiple AWS accounts in an organization, aiding in billing and cost allocation. Not focused on detailed spending
visualization.

B. AWS Pricing Calculator: Estimates AWS service costs based on configurations. Lacks detailed historical spending and usage insights.

C. AWS Cost Explorer: Visualizes, understands, and manages AWS spending and usage over time. Provides detailed insights, historical data, and
forecasting.

D. AWS Service Catalog: Manages approved IT service catalogs but doesn't focus on detailed cost visualization.
upvoted 2 times

  alok83 7 months ago
Selected Answer: C

Option C is correct.
upvoted 1 times

  782a6a5 7 months, 4 weeks ago

Selected Answer: C

Compreender e gerenciar gastos e uso ao longo do tempo.
Logo a resposta é letra C.
upvoted 2 times

  lunamuller 9 months ago
Selected Answer: C

Answer C is