Free Amazon CLF-C01 Exam Questions & Answer from Training Expert CramPDF [Q82-Q107]

Free Amazon CLF-C01 Exam Questions & Answer from Training Expert CramPDF

Top Amazon CLF-C01 Courses Online

NEW QUESTION 82
A company is building a new archiving system on AWS that will store terabytes of data. The company will NOT retrieve the data often.
Which Amazon S3 storage class will MINIMIZE the cost of the system?

• A. S3 Standard-Infrequent Access (S3 Standard-IA)
• B. S3 One Zone-Infrequent Access (S3 One Zone-IA)
• C. S3 Intelligent-Tiering
• D. S3 Glacier

Answer: A

Explanation:
Explanation/Reference: https://aws.amazon.com/s3/faqs/

 

NEW QUESTION 83
Which managed AWS service provides real-time guidance on AWS security best practices?

• A. AWS Trusted Advisor
• B. AWS Systems Manager
• C. Amazon CloudWatch
• D. AWS X-Ray

Answer: A

Explanation:
AWS offers premium services such as AWS Trusted Advisor, which provides real-time guidance to help you reduce cost, increase performance, and improve security.

 

NEW QUESTION 84
Which AWS services provide a user with connectivity between the AWS Cloud and onpremises resources?
(Select TWO)

• A. Amazon Cognito
• B. AWS VPN
• C. AWS Managed Services
• D. AWS Direct Connect
• E. Amazon Connect

Answer: B,D

 

NEW QUESTION 85
Which AWS service would you use to obtain compliance reports and certificates?

• A. AWS Lambda
• B. Amazon Inspector
• C. AWS Certificate Manager
• D. AWS Artifact

Answer: D

Explanation:
AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS' security and compliance reports and select online agreements. Reports available in AWS Artifact include our Service Organization Control (SOC) reports, Payment Card Industry (PCI) reports, and certifications from accreditation bodies across geographies and compliance verticals that validate the implementation and operating effectiveness of AWS security controls. Agreements available in AWS Artifact include the Business Associate Addendum (BAA) and the Nondisclosure Agreement (NDA).

 

NEW QUESTION 86
Which AWS service provides alerts when an AWS event may impact a company's AWS resources?

• A. AWS Personal Health Dashboard
• B. AWS Service Health Dashboard
• C. AWS Infrastructure Event Management
• D. AWS Trusted Advisor

Answer: A

Explanation:
AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you. While the Service Health Dashboard displays the general status of AWS services, Personal Health Dashboard gives you a personalized view into the performance and availability of the AWS services underlying your AWS resources.
Reference: https://aws.amazon.com/premiumsupport/technology/personal-health-dashboard/

 

NEW QUESTION 87
What AWS service would be used to centrally manage AWS access across multiple accounts?

• A. AWS Config
• B. AWS Organizations
  To improve control over your AWS environment, you can use AWS Organizations to create groups of accounts, and then attach policies to a group to ensure the correct policies are applied across the accounts without requiring custom scripts and manual processes.
• C. AWS Service Catalog
• D. AWS Trusted Advisor

Answer: B

 

NEW QUESTION 88
Which AWS services can host a Microsoft SQL Server database? (Select TWO.)

• A. Amazon EC2
• B. Amazon Redshift
• C. Amazon Relational Database Service (Amazon RDS)
• D. Amazon Aurora
• E. Amazon S3

Answer: A,C

 

NEW QUESTION 89
What are the multiple, isolated locations within an AWS Region that are connected by low-latency networks called?

• A. Amazon VPCs
• B. AWS Direct Connects
• C. Edge locations
• D. Availability Zones

Answer: D

Explanation:
Each Region is completely independent. Each Availability Zone is isolated, but the Availability Zones in a Region are connected through low-latency links. A Local Zone is an AWS infrastructure deployment that places select services closer to your end users. A Local Zone is an extension of a Region that is in a different location from your Region. It provides a high-bandwidth backbone to the AWS infrastructure and is ideal for latency-sensitive applications, for example machine learning.
Reference:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html

 

NEW QUESTION 90
Which of the following is an AWS managed Domain Name System (DNS) web service?

• A. Amazon SageMaker
• B. Amazon Lightsail
• C. Amazon Route 53
• D. Amazon Neptune

Answer: C

 

NEW QUESTION 91
What can users access from AWS Artifact?

• A. AWS security and compliance documents
• B. A download of configuration management details for all AWS resources
• C. Training materials for AWS services
• D. A security assessment of the applications deployed in the AWS Cloud

Answer: A

Explanation:
You can use AWS Artifact Reports to download AWS security and compliance documents, such as AWS ISO certifications, Payment Card Industry (PCI), and System and Organization Control (SOC) reports.
Reference: https://aws.amazon.com/artifact/faq/

 

NEW QUESTION 92
Which AWS service provides a secure, fast, and cost-effective way to migrate or transport exabyte-scale datasets into AWS?

• A. AWS Batch
• B. AWS Migration Hub
• C. AWS Snowball
• D. AWS Snowmobile

Answer: D

Explanation:
Explanation
AWS Snowmobile is an exabyte-scale data transfer service that can move extremely large amounts of data to AWS in a fast, secure, and cost-effective manner. You can transfer up to 100PB per Snowmobile, a 45-foot long ruggedized shipping container,pulled by a semi-trailer truck. Snowmobile makes it easy to move massive volumes of data to the cloud, including video libraries, image repositories, or even a complete data center migration. All data is encrypted with 256-bit encryption and you can manage your encryption keys with AWS Key Management Service (AWS KMS). Snowmobile includes GPS tracking, alarm monitoring, 24/7 video surveillance and an optional escort security vehicle while in transit.
Reference:
https://aws.amazon.com/about-aws/whats-new/2016/11/move-exabyte-scale-data-sets-with-aws-snowmobile/

 

NEW QUESTION 93
To use the AWS CLI, users are required to generate:

• A. a managed policy.
• B. an API key
• C. an access/secret key.
• D. a password policy.

Answer: C

 

NEW QUESTION 94
Why should a company choose AWS instead of a traditional data center?

• A. AWS does not require long-term contracts and provides a pay-as-you-go model.
• B. AWS provides users with full control over the underlying resources.
• C. AWS offers edge locations in every country, supporting global reach.
• D. AWS has no limits on the number of resources that can be created.

Answer: A

Explanation:
Explanation
AWS offers you a pay-as-you-go approach for pricing for over 160 cloud services. With AWS you pay only for the individual services you need, for as long as you use them, and without requiring long-term contracts or complex licensing. AWS pricing is similar to how you pay for utilities like water and electricity. You only pay for the services you consume, and once you stop using them, there are no additional costs or termination fees.

 

NEW QUESTION 95
Which of the following can limit Amazon Storage Service (Amazon S3) bucket access to specific users?

• A. AWS Identity and Access Management (IAM) policies
• B. A public and private key-pair
• C. Amazon Inspector
• D. Security Groups

Answer: A

 

NEW QUESTION 96
Which AWS service provides a quick and automated way to create and manage AWS accounts?

• A. Amazon Lightsail
• B. AWSOrganizations
• C. AWS QuickSight
• D. Amazon Connect

Answer: B

 

NEW QUESTION 97
When a lookup relationship is created between two objects, which three options can the administrator select to help manage situations when a lookup record is deleted? (Choose three.)

• A. Delete the related record also
• B. Prompt the user to enter another record to resolve the lookup relationship
• C. Do NOT allow deletion of a lookup record that is part of a lookup relationship
• D. Clear the value of the lookup field
• E. Notify the record owner

Answer: A,C,D

 

NEW QUESTION 98
A user is running an application on AWS and notices that one or more AWS-owned IP addresses is involved in a distributed denial-of-service (DDoS) attack.
Who should the user contact FIRST about this situation?

• A. AWS Abuse team
• B. AWS Premium Support
• C. AWS Technical Account Manager
• D. AWS Solutions Architect

Answer: A

 

NEW QUESTION 99
What best describes a simplified definition of the "cloud"?
Choose the Correct answer:

• A. An on-premisis data center that your company owns.
• B. All the computers in your local home network.
• C. Your internet service provider
• D. A computer located somewhere else that you are utilizing in some capacity.

Answer: D

Explanation:
The simplest definition of the cloud is a computer that is located somewhere else that you are utilizing in some capacity. AWS is a cloud services provider, as the provide access to computers they own (located at AWS data centers), that you use for various purposes.

 

NEW QUESTION 100
Which AWS service can a company use to manage encryption keys in the cloud?

• A. AWS Certificate Manager (ACM)
• B. AWS License Manager
• C. AWS CloudHSM
• D. AWS Directory Service

Answer: C

 

NEW QUESTION 101
A company's traffic logs show that IP addresses owned by AWS are being used in an attempt to flood ports on system resources.
To whole should the cloud practitioner report this issue?

• A. AWS Abuse team
• B. AWS Professional Services
• C. AWS technical account manager (TAM)
• D. AWS Partner Network (APN)

Answer: A

 

NEW QUESTION 102
What is a benefit of loose coupling as a principle of cloud architecture design?

• A. It prevents cascading failures between different components.
• B. It allows applications to have dependent workflows.
• C. It allows companies to focus on their physical data center operations.
• D. It facilitates low-latency request handling.

Answer: A

Explanation:
Explanation
IT systems should ideally be designed in a way that reduces inter-dependencies. Your components need to be loosely coupled to avoid changes or failure in one of the components from affecting others.
Your infrastructure also needs to have well defined interfaces that allow the various components to interact with each other only through specific, technology-agnostic interfaces. Modifying any underlying operations without affecting other components should be made possible.

 

NEW QUESTION 103
An administrator has been asked to create a replica of the production organization. The requirement states that existing fields, page layouts, record types, objects, and data contained in the fields and objects need to be available in the replica organization.
How can the administrator meet this requirement?

• A. Create a developer sandbox
• B. Create a full sandbox
• C. Create a configuration-only sandbox
• D. Create a metadata sandbox

Answer: B

 

NEW QUESTION 104
Which Amazon Virtual Private Cloud (Amazon VPC) feature enables users to connect two VPCs together?

• A. Amazon VPC endpoints
• B. Amazon Elastic Compute Cloud (Amazon EC2) ClassicLink
• C. Amazon VPC peering
• D. AWS Direct Connect

Answer: C

Explanation:
Explanation
A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them using private IPv4 addresses or IPv6 addresses. Instances in either VPC can communicate with each other as if they are within the same network. You can create a VPC peering connection between your own VPCs, or with a VPC in another AWS account. The VPCs can be in different regions (also known as an inter-region VPC peering connection).
Reference: https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html

 

NEW QUESTION 105
Which of the following security measures protect access to an AWS account? (Select TWO.)

• A. Activate multi-factor authentication (MFA) for privileged users.
• B. Create one IAM user and share with many developers and users.
• C. Grant least privilege access to IAM users.
• D. Enable AWS CloudTrail.
• E. Enable Amazon CloudFront.

Answer: A,C

Explanation:
If you decided to create service accounts (that is, accounts used for programmatic access by applications running outside of the AWS environment) and generate access keys for them, you should create a dedicated service account for each use case. This will allow you to restrict the associated policy to only the permissions needed for the particular use case, limiting the blast radius if the credentials are compromised. For example, if a monitoring tool and a release management tool both require access to your AWS environment, create two separate service accounts with two separate policies that define the minimum set of permissions for each tool.

 

NEW QUESTION 106
Which is a recommended pattern for designing a highly available architecture on AWS?

• A. Use a monolithic application that handles all operations.
• B. Ensure that components have low-latency network connectivity.
• C. Run enough Amazon EC2 instances to operate at peak load.
• D. Ensure that the application is designed to accommodate failure of any single component.

Answer: D

 

NEW QUESTION 107
......

New (2021) Amazon CLF-C01  Exam Dumps: https://www.crampdf.com/CLF-C01-exam-prep-dumps.html

CLF-C01 Practice Dumps - Verified By CramPDF Updated 542 Questions: https://drive.google.com/open?id=10iXORmz_qFcVZ923k5z8chuRjK2gIW-B