The latest Amazon Web Services CLF-C01 AWS Certified Cloud Practitioner certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Amazon Web Services CLF-C01 AWS Certified Cloud Practitioner exam and earn Amazon Web Services CLF-C01 AWS Certified Cloud Practitioner certification.
Exam Question 151
The pay-as-you-go pricing model for AWS services:
A. reduces capital expenditures.
B. requires payment up front for AWS services.
C. is relevant only for Amazon EC2, Amazon S3, and Amazon RDS.
D. reduces operational expenditures.
Correct Answer:
A. reduces capital expenditures.
Exam Question 152
Under the AWS shared responsibility model, AWS is responsible for which security-related task?
A. Lifecycle management of IAM credentials
B. Physical security of global infrastructure
C. Encryption of Amazon EBS volumes
D. Firewall configuration
Correct Answer:
B. Physical security of global infrastructure
Exam Question 153
Which AWS service enables users to consolidate billing across multiple accounts?
A. Amazon QuickSight
B. AWS Organizations
C. AWS Budgets
D. Amazon Forecast
Correct Answer:
B. AWS Organizations
Answer Description:
You can use the consolidated billing feature in AWS Organizations to consolidate billing and payment for multiple AWS accounts or multiple Amazon Internet Services Pvt. Ltd (AISPL) accounts. Every organization in AWS Organizations has a master (payer) account that pays the charges of all the member (linked) accounts.
Exam Question 154
Under the AWS shared responsibility model, which of the following is an example of security in the AWS Cloud?
A. Managing edge locations
B. Physical security
C. Firewall configuration
D. Global infrastructure
Correct Answer:
B. Physical security
Exam Question 155
How can an AWS user with an AWS Basic Support plan obtain technical assistance from AWS?
A. AWS Senior Support Engineers
B. AWS Technical Account Managers
C. AWS Trusted Advisor
D. AWS Discussion Forums
Correct Answer:
D. AWS Discussion Forums
Exam Question 156
A company wants to migrate its applications to a VPC on AWS. These applications will need to access onpremises resources.
What combination of actions will enable the company to accomplish this goal? (Choose two.)
A. Use the AWS Service Catalog to identify a list of on-premises resources that can be migrated.
B. Build a VPN connection between an on-premises device and a virtual private gateway in the new VPC.
C. Use Amazon Athena to query data from the on-premises database servers.
D. Connect the company’s on-premises data center to AWS using AWS Direct Connect.
E. Leverage Amazon CloudFront to restrict access to static web content provided through the company’s on-premises web servers.
Correct Answer:
B. Build a VPN connection between an on-premises device and a virtual private gateway in the new VPC.
D. Connect the company’s on-premises data center to AWS using AWS Direct Connect.
Exam Question 157
A web application running on AWS has been spammed with malicious requests from a recurring set of IP addresses.
Which AWS service can help secure the application and block the malicious traffic?
A. AWS IAM
B. Amazon GuardDuty
C. Amazon Simple Notification Service (Amazon SNS)
D. AWS WAF
Correct Answer:
D. AWS WAF
Answer Description:
AWS WAF is a web application firewall that helps protect web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. You can use AWS WAF to define customizable web security rules that control which traffic accesses your web applications. If you use AWS Shield Advanced, you can use AWS WAF at no extra cost for those protected resources and can engage the DRT to create WAF rules.
Exam Question 158
A company requires a dedicated network connection between its on-premises servers and the AWS Cloud.
Which AWS service should be used?
A. AWS VPN
B. AWS Direct Connect
C. Amazon API Gateway
D. Amazon Connect
Correct Answer:
B. AWS Direct Connect
Answer Description:
You can use AWS Direct Connect to establish a private virtual interface from your on-premise network directly to your Amazon VPC, providing you with a private, high bandwidth network connection between your network and your VPC. With multiple virtual interfaces, you can even establish private connectivity to multiple VPCs while maintaining network isolation.
Exam Question 159
How can a company isolate the costs of production and non-production workloads on AWS?
A. Create Identity and Access Management (IAM) roles for production and non-production workloads.
B. Use different accounts for production and non-production expenses.
C. Use Amazon EC2 for non-production workloads and other services for production workloads.
D. Use Amazon CloudWatch to monitor the use of services.
Correct Answer:
B. Use different accounts for production and non-production expenses.
Exam Question 160
A Cloud Practitioner needs to store data for 7 years to meet regulatory requirements.
Which AWS service will meet this requirement at the LOWEST cost?
A. Amazon S3
B. AWS Snowball
C. Amazon Redshift
D. Amazon S3 Glacier
Correct Answer:
D. Amazon S3 Glacier
Answer Description:
S3 Glacier Deep Archive is Amazon S3’s lowest-cost storage class and supports long-term retention and digital preservation for data that may be accessed once or twice in a year. It is designed for customers — particularly those in highly-regulated industries, such as the Financial Services, Healthcare, and Public Sectors — that retain data sets for 7-10 years or longer to meet regulatory compliance requirements. S3 Glacier Deep Archive can also be used for backup and disaster recovery use cases, and is a cost-effective and easy-to-manage alternative to magnetic tape systems, whether they are on-premises libraries or offpremises services.