CLF-C01 AWS Certified Cloud Practitioner Exam Questions and Answers – Page 4

The latest Amazon Web Services CLF-C01 AWS Certified Cloud Practitioner certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Amazon Web Services CLF-C01 AWS Certified Cloud Practitioner exam and earn Amazon Web Services CLF-C01 AWS Certified Cloud Practitioner certification.

Exam Question 321

A company has an AWS-hosted website located behind an Application Load Balancer. The company wants to safeguard the website from SQL injection or cross-site scripting.
Which AWS service should the company use?

A. Amazon GuardDuty
B. AWS WAF
C. AWS Trusted Advisor
D. Amazon Inspector

Correct Answer:
B. AWS WAF

Exam Question 322

A company wants to track AWS resource configuration changes for compliance reasons.
Which AWS feature can be used to meet this requirement?

A. AWS Cost and Usage Report
B. AWS Organizations service control policies (SCPs)
C. AWS Config rules
D. VPC Flow Logs

Correct Answer:
C. AWS Config rules

Exam Question 323

The AWS IAM best practice for granting least privilege is to:

A. apply an IAM policy to an IAM group and limit the size of the group.
B. require multi-factor authentication (MFA) for all IAM users.
C. require each IAM user who has different permissions to have multiple passwords.
D. apply an IAM policy only to IAM users who require it.

Correct Answer:
D. apply an IAM policy only to IAM users who require it.

Exam Question 324

Which cloud computing benefit does AWS demonstrate with its ability to offer lower variable costs as a result of high purchase volumes?

A. Pay-as-you-go pricing
B. High availability
C. Global reach
D. Economies of scale

Correct Answer:
D. Economies of scale

Exam Question 325

How can AWS enable a company to control expenses as an application’s usage changes unpredictably?

A. AWS will refund the cost difference if a customer moves to larger servers.
B. The application can be built to scale up or down automatically as resources are needed
C. Spot instances will automatically be used if the price is lower than on-demand instances.
D. Amazon CloudWatch will automatically predict what resources are needed.

Correct Answer:
B. The application can be built to scale up or down automatically as resources are needed

Exam Question 326

Which AWS service or feature can be used to prevent SQL injection attacks?

A. Security groups
B. Network ACLs
C. AWS WAF
D. IAM policy

Correct Answer:
C. AWS WAF

Exam Question 327

A company needs to track the activity in its AWS accounts, and needs to know when an API call is made against its AWS resources.
Which AWS tool or service can be used to meet these requirements?

A. Amazon CloudWatch
B. Amazon Inspector
C. AWS Cloud Trail
D. AWS IAM

Correct Answer:
C. AWS Cloud Trail

Exam Question 328

According to the AWS shared responsibility model, which of the following are AWS responsibilities? (Choose two.)

A. Network infrastructure and virtualization of infrastructure
B. Security of application data
C. Guest operating systems
D. Physical security of hardware
E. Credentials and policies

Correct Answer:
A. Network infrastructure and virtualization of infrastructure
D. Physical security of hardware

Exam Question 329

A company wants to transfer petabytes of data as quickly as possible from on-premises locations to the AWS Cloud.
Which AWS service should the company use?

A. AWS Snowball
B. AWS Global Accelerator
C. Amazon S3 Transfer Acceleration
D. Amazon Connect

Correct Answer:
A. AWS Snowball

Exam Question 330

A company has refined its workload to use specific AWS services to improve efficiency and reduce cost.
Which best practice for cost governance does this example show?

A. Resource controls
B. Cost allocation
C. Architecture optimization
D. Tagging enforcement

Correct Answer:
B. Cost allocation