CLF-C02 Amazon-Web-Services Exam Questions and Free Practice Test

Question 13

- (Topic 1)
Which duties are the responsibility of a company that is using AWS Lambda? (Select TWO.)

A. Security inside of code

B. Selection of CPU resources

C. Patching of operating system

D. Writing and updating of code

E. Security of underlying infrastructure

Correct Answer:AD
The duties that are the responsibility of a company that is using AWS Lambda are security inside of code and writing and updating of code. AWS Lambda is a serverless compute service that allows you to run code without provisioning or managing servers, scaling, or patching. AWS Lambda takes care of the security of the underlying infrastructure, such as the operating system, the network, and the firewall. However, the company is still responsible for the security of the code itself, such as encrypting sensitive data, validating input, and handling errors. The company is also responsible for writing and updating the code that defines the Lambda function, and choosing the runtime environment, such as Node.js, Python, or Java. AWS Lambda does not require the selection of CPU resources, as it automatically allocates them based on the memory configuration34

Question 14

- (Topic 1)
Which benefit does Amazon Rekognition provide?

A. The ability to place watermarks on images

B. The ability to detect objects that appear in pictures

C. The ability to resize millions of images automatically

D. The ability to bid on object detection jobs

Correct Answer:B
Amazon Rekognition is a service that provides deep learning-based image and video analysis. One of the benefits of Amazon Rekognition is the ability to detect objects that appear in pictures, such as faces, landmarks, animals, text, and scenes. This can enable applications to perform tasks such as face recognition, face verification, face comparison, face search, celebrity recognition, emotion detection, age range estimation, gender identification, facial analysis, facial expression recognition, and more. Amazon Rekognition OverviewAWS Certified Cloud Practitioner - aws.amazon.com

Question 15

- (Topic 3)
Which AWS service provides the ability to manage infrastructure as code?

A. AWS CodePipeline

B. AWS CodeDeploy

C. AWS Direct Connect

D. AWS CloudFormation

Correct Answer:D
The AWS service that provides the ability to manage infrastructure as code is AWS CloudFormation. Infrastructure as code is a process of defining and provisioning AWS resources using code or templates, rather than manual actions or scripts. AWS CloudFormation allows you to create and update stacks of AWS resources based on predefined templates that describe the desired state and configuration of the resources. AWS CloudFormation automates and simplifies the deployment and management of AWS resources, and ensures consistency and repeatability across different environments and regions. AWS CloudFormation also supports rollback, change sets, drift detection, and nested stacks features that help you to monitor and control the changes to your infrastructure1.

Question 16

- (Topic 1)
Which of the following are customer responsibilities under the AWS shared responsibility model? (Select TWO.)

A. Physical security of AWS facilities

B. Configuration of security groupsQ

C. Encryption of customer data on AWS

D. Management of AWS Lambda infrastructureQ

E. Management of network throughput of each AWS Region

Correct Answer:BC
The AWS shared responsibility model describes how AWS and the customer share responsibility for security and compliance of the AWS environment. AWS is responsible for the security of the cloud, which includes the physical security of AWS facilities, the infrastructure, hardware, software, and networking that run AWS services. The customer is responsible for security in the cloud, which includes the configuration of security groups, the encryption of customer data on AWS, the management of AWS Lambda infrastructure, and the management of network throughput of each AWS Region.

Question 17

- (Topic 1)
Which AWS network services or features allow Cl DR block notation when providing an IP address range?
(Select TWO.)

A. Security groups

B. Amazon Machine Image (AMI)

C. Network access control list (network ACL)

D. AWS Budgets

E. Amazon Elastic Block Store (Amazon EBS)

Correct Answer:AC
Security groups and network access control lists (network ACLs) are two AWS network services or features that allow CIDR block notation when providing an IP address range. Security groups act as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic at the instance level. Network ACLs act as a firewall for associated subnets, controlling both inbound and outbound traffic at the subnet level. Both security groups and network ACLs use CIDR block notation to specify the IP address ranges that are allowed or denied

Question 18

- (Topic 3)
Which of the following are pillars of the AWS Well-Architected Framework? (Select TWO)

A. High availability

B. Performance efficiency

C. Cost optimization

D. Going global in minutes

E. Continuous development

Correct Answer:BC
The AWS Well-Architected Framework is a set of six pillars and lenses that help cloud architects design and run workloads in the cloud. The six pillars are: operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability. Each pillar has a set of design principles and best practices that guide the architectural decisions. High availability is not a separate pillar, but a quality that can be achieved by applying the principles of the reliability pillar. Going global in minutes and continuous development are not pillars of the framework, but possible benefits of using AWS services and following the framework’s recommendations. References: AWS Well-Architected - Build secure, efficient cloud applications, AWS Well-Architected Framework, The 6 Pillars of the AWS Well-Architected Framework

START CLF-C02 EXAM