What High Value CLF-C02 Exam Price Is

NEW QUESTION 1

A company needs to set up user authentication for a new application. Users must be able to sign in directly with a user name and password, or through a third-party provider.
Which AWS service should the company use to meet these requirements?

• A. AWS IAM Identity Center (AWS Single Sign-On)
• B. AWS Signer
• C. Amazon Cognito
• D. AWS Directory Service

Answer: C

Explanation:
Amazon Cognito is a service that provides user authentication and authorization for web and mobile applications. You can use Amazon Cognito to enable users to sign in directly with a user name and password, or through a third-party provider, such as Facebook, Google, or Amazon. You can also use Amazon Cognito to manage user profiles, preferences, and security settings3

NEW QUESTION 2

A company runs a database on Amazon Aurora in the us-east-1 Region. The company has a disaster recovery requirement that the database be available in another Region.
Which solution meets this requirement with minimal disruption to the database operations?

• A. Perform an Aurora Multi-AZ deployment.
• B. Deploy Aurora cross-Region read replicas.
• C. Create Amazon Elastic Block Store (Amazon EBS) volume snapshots for Aurora and copy them to another Region.
• D. Deploy Aurora Replicas.

Answer: B

Explanation:
The solution that meets the requirement of the company that runs a database on Amazon Aurora in the us-east-1 Region and has a disaster recovery requirement that the database be available in another Region with minimal disruption to the database operations is to deploy Aurora cross-Region read replicas. Aurora cross-Region read replicas are secondary Aurora clusters that are created in a different AWS Region from the primary Aurora cluster, and are kept in sync with the primary cluster using physical replication. The company can use Aurora cross-Region read replicas to improve the availability and durability of the database, as well as to reduce the recovery time objective (RTO) and recovery point objective (RPO) in case of a regional disaster. Performing an Aurora Multi-AZ deployment, creating Amazon EBS volume snapshots for Aurora and copying them to another Region, and deploying Aurora Replicas are not the best solutions for this requirement. An Aurora Multi-AZ deployment is a configuration that creates one or more Aurora Replicas within the same AWS Region as the primary Aurora cluster, and provides automatic failover in case of an Availability Zone outage. However, this does not provide cross-Region disaster recovery. Creating Amazon EBS volume snapshots for Aurora and copying them to another Region is a manual process that requires stopping the database, creating the snapshots, copying them to the target Region, and restoring them to a new Aurora cluster. This process can cause significant downtime and data loss. Deploying Aurora Replicas is a configuration that creates one or more secondary Aurora clusters within the same AWS Region as the primary Aurora cluster, and provides read scaling and high availability. However, this does not provide cross-Region disaster recovery.

NEW QUESTION 3

A company wants to migrate its workloads to AWS, but it lacks expertise in AWS Cloud computing.
Which AWS service or feature will help the company with its migration?

• A. AWS Trusted Advisor
• B. AWS Consulting Partners
• C. AWS Artifacts
• D. AWS Managed Services

Answer: D

Explanation:
AWS Managed Services is a service that provides operational management for AWS infrastructure and applications. It helps users migrate their workloads to AWS and provides ongoing support, security, compliance, and automation. AWS Trusted Advisor is a service that provides best practices and recommendations for cost optimization, performance, security, and fault tolerance. AWS Consulting Partners are professional services firms that help customers design, architect, build, migrate, and manage their workloads and applications on AWS. AWS Artifacts is a service that provides on-demand access to AWS compliance reports and select online agreements.

NEW QUESTION 4

Which of the following are benefits that a company receives when it moves an on-premises
production workload to AWS? (Select TWO.)

• A. AWS trains the company's staff on the use of all the AWS services.
• B. AWS manages all security in the cloud.
• C. AWS offers free support from technical account managers (TAMs).
• D. AWS offers high availability.
• E. AWS provides economies of scale.

Answer: DE

Explanation:
The correct answers are D and E because AWS offers high availability and AWS provides economies of scale are benefits that a company receives when it moves an on-premises production workload to AWS. High availability means that AWS has a global infrastructure that allows customers to deploy their applications and data across multiple regions and availability zones. This increases the fault tolerance and resilience of their applications and reduces the impact of failures. Economies of scale means that AWS can achieve lower variable costs than customers can get on their own. This allows customers to pay only for the resources they use and scale up or down as needed. The other options are incorrect because they are not benefits that a company receives when it moves an on- premises production workload to AWS. AWS trains the company’s staff on the use of all the AWS services is not a benefit that a company receives when it moves an on-premises production workload to AWS. AWS does provide various learning resources and training courses for customers, but it does not train the company’s staff on the use of all the AWS services. AWS manages all security in the cloud is not a benefit that a company receives when it moves an on-premises production workload to AWS. AWS is responsible for the security of the cloud, but the customer is responsible for the security in the cloud. AWS offers free support from technical account managers (TAMs) is not a benefit that a company receives when it moves an on-premises production workload to AWS. AWS does offer support from TAMs, but only for customers who have the AWS Enterprise Support plan, which is not free. Reference: What is Cloud Computing?, [AWS Shared Responsibility Model], [AWS Support Plans]

NEW QUESTION 5

Which task is the responsibility of AWS, according to the AWS shared responsibility model?

• A. Set up multi-factor authentication (MFA) for each Workspaces user account.
• B. Ensure the environmental safety and security of the AWS infrastructure that hosts Workspaces.
• C. Provide security for Workspaces user accounts through AWS Identity and Access Management (IAM).
• D. Configure AWS CloudTrail to log API calls and user activity.A company stores data in an Amazon S3 bucke
• E. The company must control who has permission to read, write, or delete objects that the company stores in the S3 bucket.

Answer: B

Explanation:
The correct answer is B because ensuring the environmental safety and security of the AWS infrastructure that hosts Workspaces is the responsibility of AWS, according to the AWS shared responsibility model. The AWS shared responsibility model is a framework that defines the division of responsibilities between AWS and the customer for security and compliance. AWS is responsible for the security of the cloud, which includes the global infrastructure, such as the regions, availability zones, and edge locations; the hardware, software, networking, and facilities that run the AWS services; and the virtualization layer that separates the customer instances and storage. The customer is responsible for the security in the cloud, which includes the customer data, the guest operating systems, the applications, the identity and access management, the firewall configuration, and the encryption. The other options are incorrect because they are the responsibility of the customer, according to the AWS shared responsibility model. Setting up multi-factor authentication (MFA) for each Workspaces user account, providing security for Workspaces user accounts through AWS Identity and Access Management (IAM), configuring AWS CloudTrail to log API calls and user activity, and encrypting data at rest and in transit are all tasks that the customer has to perform to secure their Workspaces environment. Reference: AWS Shared Responsibility Model, Amazon WorkSpaces Security

NEW QUESTION 6

A company uses AWS for its web application. The company wants to minimize latency and perform compute operations for the application as close to end users as possible.
Which AWS service or infrastructure component will provide this functionality?

• A. AWS Regions
• B. Availability Zones
• C. Edge locations
• D. AWS Direct Connect

Answer: C

Explanation:
Edge locations are sites that Amazon CloudFront uses to cache copies of your content for faster delivery to users at any location. You can use Amazon CloudFront to deliver your entire website, including dynamic, static, streaming, and interactive content using a global network of edge locations. Requests for your content are automatically routed to the nearest edge location, so content is delivered with the best possible performance3. Edge locations can also host AWS Lambda functions to perform compute operations for your web application as close to end users as possible4.

NEW QUESTION 7

A company needs to centralize its operational data. The company also needs to automate tasks across all of its Amazon EC2 instances.
Which AWS service can the company use to meet these requirements?

• A. AWS Trusted Advisor
• B. AWS Systems Manager
• C. AWS CodeDeploy
• D. AWS Elastic Beanstalk

Answer: B

Explanation:
AWS Systems Manager is a service that enables users to centralize and automate the management of their AWS resources. It provides a unified user interface to view operational data, such as inventory, patch compliance, and performance metrics. It also allows users to automate common and repetitive tasks, such as patching, backup, and configuration management, across all of their Amazon EC2 instances1. AWS Trusted Advisor is a service that provides best practices and recommendations to optimize the performance, security, and cost of AWS resources2. AWS CodeDeploy is a service that automates the deployment of code and applications to Amazon EC2 instances or other compute services3. AWS Elastic Beanstalk is a service that simplifies the deployment and management of web applications using popular platforms, such as Java, PHP, and Node.js4.

NEW QUESTION 8

A company needs to run its existing custom, nonproduction workloads in the AWS Cloud quickly and cost-effectively.
The workloads can recover from interruptions easily. Which pricing model should the company use?

• A. Reserved Instances
• B. On-Demand Instances
• C. Spot Instances
• D. Dedicated Hosts

Answer: C

Explanation:
The correct answer is C because Spot Instances are the pricing model that enables the company to run its existing custom, nonproduction workloads in the AWS Cloud quickly and cost-effectively. Spot Instances are spare Amazon EC2 instances that are available at up to 90% discount compared to On-Demand prices. Spot Instances are suitable for stateless, fault-tolerant, and flexible workloads that can recover from interruptions easily. The other options are incorrect because they are not the pricing model that enables the company to run its existing custom, nonproduction workloads in the AWS Cloud quickly and cost-effectively. Reserved Instances are Amazon EC2 instances that are reserved for a specific period of time (one or three years) in exchange for a lower hourly rate. Reserved Instances are suitable for steady-state or predictable workloads that run for a long duration. On-Demand Instances are Amazon EC2 instances that are launched and billed at a fixed hourly rate. On-Demand Instances are suitable for short-term, irregular, or unpredictable workloads that cannot be interrupted. Dedicated Hosts are physical servers that are dedicated to a single customer. Dedicated Hosts are suitable for workloads that require regulatory compliance or data isolation. Reference: Amazon EC2 Instance Purchasing Options

NEW QUESTION 9

A cloud practitioner is analyzing Amazon EC2 instance performance and usage to provide recommendations for potential cost savings.
Which cloud concept does this analysis demonstrate?

• A. Auto scaling
• B. Rightsizing
• C. Load balancing
• D. High availability

Answer: B

Explanation:
Rightsizing is the cloud concept that this analysis demonstrates. Rightsizing is the process of optimizing the performance and cost of your AWS resources by selecting the most appropriate type, size, and configuration based on your workload requirements and usage patterns. Rightsizing can help you achieve potential cost savings by reducing the over-provisioning or under-utilization of your resources. You can use various AWS tools and services, such as AWS Cost Explorer, AWS Compute Optimizer, and AWS Trusted Advisor, to analyze your resource utilization and performance metrics, and receive recommendations for rightsizing.

NEW QUESTION 10

Which AWS service can a company use to visually design and build serverless applications?

• A. AWS Lambda
• B. AWS Batch
• C. AWS Application Composer
• D. AWS App Runner

Answer: C

Explanation:
AWS Application Composer is a service that allows users to visually design and build serverless applications. Users can drag and drop components, such as AWS Lambda functions, Amazon API Gateway endpoints, Amazon DynamoDB tables, and Amazon S3 buckets, to create a serverless application architecture. Users can also configure the properties, permissions, and dependencies of each component, and deploy the application to their AWS account with a few clicks. AWS Application Composer simplifies the design and configuration of serverless applications, and reduces the need to write code or use AWS CloudFormation templates. References: AWS Application Composer, AWS releases Application Composer to make serverless ‘easier’ but initial scope is limited

NEW QUESTION 11

A company wants to run its production workloads on AWS. The company needs concierge service, a designated AWS technical account manager (TAM), and technical support that is available 24 hours a day, 7 days a week.
Which AWS Support plan will meet these requirements?

• A. AWS Basic Support
• B. AWS Enterprise Support
• C. AWS Business Support
• D. AWS Developer Support

Answer: B

Explanation:
B is correct because AWS Enterprise Support is the AWS Support plan that provides concierge service, a designated AWS technical account manager (TAM), and technical support that is available 24 hours a day, 7 days a week. This plan is designed for customers who run mission-critical workloads on AWS and need the highest level of support. A is incorrect because AWS Basic Support is the AWS Support plan that provides customer service and support for billing and account issues, service limit increases, and technical support for a limited set of AWS services. It does not provide concierge service, a designated TAM, or 24/7 technical support. C is incorrect because AWS Business Support is the AWS Support plan that provides customer service and support for billing and account issues, service limit increases, and technical support for all AWS services, as well as access to AWS Trusted Advisor and AWS Support API. It does not provide concierge service or a designated TAM. D is incorrect because AWS Developer Support is the AWS Support plan that provides customer service and support for billing and account issues, service limit increases, and technical support for all AWS services, as well as access to AWS Trusted Advisor. It does not provide concierge service, a designated TAM, or 24/7 technical support.

NEW QUESTION 12

Which credential allows programmatic access to AWS resources for use from the AWS CLI or the AWS API?

• A. User name and password
• B. Access keys
• C. SSH public keys
• D. AWS Key Management Service (AWS KMS) keys

Answer: B

Explanation:
Access keys are long-term credentials that consist of an access key ID and a secret access key. You use access keys to sign programmatic requests that you make to AWS using the AWS CLI or AWS API1. User name and password are credentials that you use to sign in to the AWS Management Console or the AWS Management Console mobile app2. SSH public keys are credentials that you use to authenticate with EC2 instances that are launched from certain Linux AMIs3. AWS Key Management Service (AWS KMS) keys are customer master keys (CMKs) that you use to encrypt and decrypt your data and to control access to your data across AWS services and in your applications4.

NEW QUESTION 13

A company has multiple AWS accounts that include compute workloads that cannot be interrupted. The company wants to obtain billing discounts that are based on the company's use of AWS services.
Which AWS feature or purchasing option will meet these requirements?

• A. Resource tagging
• B. Consolidated billing
• C. Pay-as-you-go pricing
• D. Spot Instances

Answer: B

Explanation:
Consolidated billing is an AWS feature that allows users to combine the usage and costs of multiple AWS accounts into a single bill. This enables users to obtain billing discounts that are based on the company’s use of AWS services, such as volume pricing tiers, Reserved Instance discounts, and Savings Plans discounts5. Resource tagging is an AWS feature that allows users to assign metadata to AWS resources, such as EC2 instances, S3 buckets, and Lambda functions. This enables users to organize, track, and manage their AWS resources, such as filtering, grouping, and reporting. Pay-as-you- go pricing is an AWS pricing model that allows users to pay only for the resources and services they use, without any upfront or long-term commitments. This enables users to lower their costs by scaling up or down as needed, and avoiding over-provisioning or under-utilization. Spot Instances are spare EC2 instances that are available at up to 90% discount compared to On-Demand prices. They are suitable for workloads that can tolerate interruptions, such as batch processing, data analysis, and testing. Spot Instances are
allocated based on the current supply and demand, and can be reclaimed by AWS with a two-minute notice when the demand exceeds the supply.

NEW QUESTION 14

Which AWS service or tool does AWS Control Tower use to create resources?

• A. AWS CloudFormation
• B. AWS Trusted Advisor
• C. AWS Directory Service
• D. AWS Cost Explorer

Answer: A

Explanation:
AWS Control Tower uses AWS CloudFormation to create resources in your landing zone. AWS CloudFormation is a service that helps you model and set up your AWS resources using templates. AWS Control Tower supports creating AWS::ControlTower::EnabledControl resources in AWS CloudFormation. Therefore, the correct answer is A. You can learn more about AWS Control Tower and AWS CloudFormation from this page.

NEW QUESTION 15

A cloud practitioner needs to obtain AWS compliance reports before migrating an environment to the AWS Cloud How can these reports be generated?

• A. Contact the AWS Compliance team
• B. Download the reports from AWS Artifact
• C. Open a case with AWS Support
• D. Generate the reports with Amazon Made

Answer: B

Explanation:
AWS Artifact is a service that provides on-demand access to security and compliance reports from AWS and Independent Software Vendors (ISVs) who sell their products on AWS Marketplace. You can use AWS Artifact to download auditor-issued reports, certifications, accreditations, and other third-party attestations of AWS compliance with various standards and regulations, such as PCI-DSS, HIPAA, FedRAMP, GDPR, and more1234. You can also use AWS Artifact to review, accept, and manage your agreements with AWS and apply them to current and future accounts within your organization2. References: 1: Cloud Compliance - Amazon Web Services
(AWS), 2: Security Compliance Management - AWS Artifact - AWS, 3: AWS Compliance Contact Us - Amazon Web Services, 4: AWS SECURITY AND COMPLIANCE QUICK REFERENCE GUIDE

NEW QUESTION 16

A company needs to migrate all of its development teams to a cloud-based integrated development environment (IDE).
Which AWS service should the company use?

• A. AWS CodeBuild
• B. AWS Cloud9
• C. AWS OpsWorks
• D. AWS Cloud Development Kit (AWS CDK)

Answer: B

Explanation:
The correct answer is B because AWS Cloud9 is an AWS service that enables users to run their existing custom, nonproduction workloads in the AWS Cloud quickly and cost-effectively. AWS Cloud9 is a cloud-based integrated development environment (IDE) that allows users to write, run, and debug code from a web browser. AWS Cloud9 supports multiple programming languages, such as Python, Java, Node.js, and more. AWS Cloud9 also provides users with a terminal that can access AWS services and resources, such as Amazon EC2 instances, AWS Lambda functions, and AWS CloudFormation stacks. The other options are incorrect because they are not AWS services that enable users to run their existing custom, nonproduction workloads in the AWS Cloud quickly and cost-effectively. AWS CodeBuild is an AWS service that enables users to compile, test, and package their code for deployment. AWS OpsWorks is an AWS service that enables users to configure and manage their applications using Chef or Puppet. AWS Cloud Development Kit (AWS CDK) is an AWS service that enables users to define and provision their cloud infrastructure using familiar programming languages, such as TypeScript, Python, Java, and C#. Reference: AWS Cloud9 FAQs

NEW QUESTION 17

A company is running and managing its own Docker environment on Amazon EC2 instances. The company wants an alternative to help manage cluster size, scheduling, and environment maintenance.
Which AWS service meets these requirements?

• A. AWS Lambda
• B. Amazon RDS
• C. AWS Fargate
• D. Amazon Athena

Answer: C

Explanation:
AWS Fargate is a serverless compute engine for containers that works with both Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS). AWS Fargate allows you to run containers without having to manage servers or clusters of Amazon EC2 instances. With AWS Fargate, you only pay for the compute resources you use to run your containers, and you don’t need to worry about scaling, patching, securing, or maintaining the underlying infrastructure. AWS Fargate simplifies the deployment and management of containerized applications, and enables you to focus on building and running your applications instead of managing the infrastructure. References: AWS Fargate, What is AWS Fargate?

NEW QUESTION 18

AWS has the ability to achieve lower pay-as-you-go pricing by aggregating usage across hundreds of thousands of users.
This describes which advantage of the AWS Cloud?

• A. Launch globally in minutes
• B. Increase speed and agility
• C. High economies of scale
• D. No guessing about compute capacity

Answer: C

Explanation:
AWS has the ability to achieve lower pay-as-you-go pricing by aggregating usage across hundreds of thousands of users. This means that AWS can leverage its massive scale and purchasing power to reduce the costs of infrastructure, hardware, software, and operations. These savings are then passed on to the customers, who only pay for the resources they use. You can learn more about the AWS pricing model from [this webpage] or [this digital course].

NEW QUESTION 19

A company needs to categorize and track AWS usage cost based on business categories. Which AWS service or feature should the company use to meet these requirements?

• A. Cost allocation tags
• B. AWS Organizations
• C. AWS Security Hub
• D. AWS Cost and Usage Report

Answer: A

Explanation:
The AWS service or feature that the company should use to categorize and track AWS usage cost based on business categories is cost allocation tags. Cost allocation tags are key-value pairs that users can attach to AWS resources to organize and track their AWS costs. Users can use cost allocation tags to filter and group their AWS costs by categories such as project, department, environment, or application. Users can also use cost allocation tags to generate detailed billing reports that show the costs
associated with each tag3. AWS Organizations, AWS Security Hub, and AWS Cost and Usage Report are other AWS services or features that can help users with different aspects of their AWS usage, such as managing multiple accounts, monitoring security issues, or analyzing billing data, but they do not enable users to categorize and track AWS costs based on business categories.

NEW QUESTION 20
......