AWS Certified Cloud Practitioner Exam Questions

Author: Pass Yourcert

Original Content Source: https://passyourcert.blogspot.com/2022/04/-certified-cloud-practitioner-exam-questions.html

This blog will provide you with first-hand information about the types of aws certified cloud practitioner exam questions that could be found in the final certification exam.

AWS Certified Cloud Practitioner (CLF-01) is the right certification to start your journey in AWS Cloud. It helps you learn about AWS Cloud concepts and AWS services. Security, pricing, support, pricing, and more.

The AWS Certified Cloud Practitioner exam (CLF-C01), is for individuals who can demonstrate a broad understanding of AWS Cloud. This examination does not apply to specific technical roles covered by other AWS Certifications. You can take the exam at a testing center or online.

AWS Certified Cloud Practitioner certification can be a great place to start if you are new to cloud computing. This certification will give you the foundation that you need to dive into the inner workings of AWS.

You will receive a high-level introduction to AWS with the AWS Cloud Practitioner certification. It doesn't cover specific services. It provides an overview of AWS's structure.

You are currently studying for the AWS Certified Cloud Practitioner Certification [CLF-01] Exam. AWS certified cloud practitioner exam questions will help you to assess your readiness.

Also Read: Prepare Exam with AWS Practice Questions

Let's discuss the question domain wise:

AWS Certified Cloud Practitioner Exam QuestionsDomain 1: Cloud Concepts

Q1. Which of these design principles relates to the "Operational Excellence" pillar of Well-Architected? (Choose 2)

A. Implement a strong identity foundation

B. Enable traceability

C. Anticipate Failure

D. Manage change in automation

E. Perform operations as code

Answer: C, E

Explanation:

Below 5 design principles are required to ensure operational excellence in a well-architected framework.

  • Use code to perform operations

  • Make frequent, small, reversible changes

  • Refine operations procedures often

  • Anticipate failure

  • Learn from all operations failures

Below 7 design principles are required to make a security pillar in a well-architected framework.

  • Create a solid identity foundation

  • Enable traceability

  • Security at all levels

  • Automate security best practices

  • Protect data at rest and in transit

  • Keep people from data

  • Prepare to attend security events

Below 5 design principles are the reliability pillars of a well-architected framework.

  • Automatically recovers from failure

  • Test recovery procedures

  • Horizontal scale to increase the aggregate workload

  • Stop guessing capacity

  • Manage change in automation

The correct Use strong identity principles as the design principle for the security pillar.

Option A is INCORRECT. Allow traceability is the design principle that relates to the security pillar.

Option C is CORRECT

Option C is INCORRECT Manage automation is the design principle that relates to the reliability pillar

Option E is CORRECT

Q2. What is the ability of AWS products and services to recover from disruptions and mitigate disruptions known as

A. Resiliency

B. Consistency

C. Durability

D. Latency

Answer: A

Explanation

Resiliency refers to the ability to recover from and mitigate disruptions.

Consistency refers to more than one system that stores information and returns the same result when query.

Durability refers to the system's ability and capacity to function even in the face of unanticipated events.

The measurement of the delay between request and reply is often

The first option is CORRECT Resilience refers to the ability of AWS products and services to recover from disruptions.

B is INCORRECT because Consistency guarantees that similar results will be returned by multiple systems storing information.

Option B is INCORRECT as Durability refers to the ability of AWS products to perform and remain functional despite unanticipated events.

Option C is INCORRECT latency refers to the time it takes for a response to a request to be made.

Domain 2: Security & Compliance

Q1. Which of the below can be configured to enhance the security at the subnet level?

A. Virtual Private Cloud (VPC)

B. Configure transitive VPC peering

C. NACL (Network Access Control List)

D. Security Group

Answer: C

Explanation:

Option A has been erroneously selected. The Virtual Private Cloud (VPC), is a virtual network that allows us to launch AWS resources within the restricted virtual network.

Option A is INCORRECT. Transitive VPC peering cannot be configured in AWS.

Option B is CORRECT. NACs can be used to increase security at subnet level.

Option D is incorrect. Security Group acts like a virtual firewall, controlling traffic both inbound/outbound. Security groups act at the instance level.

Q2. Developer access is required in order to allow an application to run on an EC2 instance. The developer intends to give his credential to the instance. The developer plans to provide his credentials to the instance, but the developer knows that these credentials are not long-term. He is now looking for an alternative solution to lower the security risk.

How can a developer temporarily allow applications to EC2 to access the AWS resources required?

A. Use "IAM Roles"

B. Use "IAM Group"

C. Use "IAM Tags"

D. There is no alternate way. A developer needs to give his credentials and revoke access when the required action is done.

Answer: A

Explanation:

For temporary security credentials, users could take on the roles (IAM Users) or services (AWS Services). These credentials can be used to perform any required actions. IAM roles allow you to delegate access to users/services that are not able to access AWS resources within your organization.

An IAM group allows you to grant, revoke or manage permissions for a set of IAM users. IAM tags can be used to add custom attributes or roles to IAM users. IAM tags use key-value pairs.

The CORRECT option A is CORRECT because the IAM role temporarily allows applications on EC2 access to AWS resources.

Option A is INCORRECT as the IAM group collects IAM users and assists in access management

Option B is INCORRECT as IAM tags simply add custom attributes to users/roles.

Option C is INCORRECT as we can use IAM Roles within the scenario.

Domain 3: Technology

Q1. Which AWS service is a machine learning-based tool that analyzes metrics of historical utilization and makes recommendations of compute service(s) to be used for the workload?

A. AWS Outposts

B. AWS Well-Architected Tool

C. AWS Management Console

D. AWS Compute Optimizer

Answer: D

Explanation:

Option A is incorrect because AWS Outpost, a fully managed service, provides seamless hybrid experiences by facilitating both the on-premises running of AWS infrastructure and services. AWS Outpost doesn't provide recommendations on how to use the compute services after reviewing past usage metrics.

Option B is incorrect as AWS Well-Architected Tools is a tool that offers advice on how to architect the cloud workload. Customers can also use this tool to evaluate their architecture against best practices.

Option C is incorrect because AWS Management console is a web-based user interface which allows users to access and manage all aspects of all available AWS services. This is a governance and management tool.

Option C is CORRECT. The AWS Compute Optimizer, a machine-learning-based tool that analyzes historical usage and recommends compute services to be used for the current workload, is

Q2. Which of the below could be used to perform best practices aligned deployment of popular technologies on AWS, and eventually reduce the time taken for environment build and eventual usage of the environment?

A. AWS Elastic Beanstalk

B. AWS OpsWorks

C. AWS Auto deploy

D. AWS Quick Starts

Answer: D

Explanation:

Option A is incorrect. AWS Elastic Beanstalk assists in scaling web applications and services and deployment. We will need the code.

Option A is INCORRECT. AWS OpsWorks allows for managed instances of Chef or Puppet.

Option B is WRONG. Auto deploy is an Invalid Service.

Option D is CORRECT. AWS QuickStarts: Designed by AWS Architects, partners, and other experts, quick start automated deployments that are in line with best practices. Quick Start includes CloudFormation templates for deployment automation.

Domain 4: Billing & Pricing

Q1. A new project was started by an organization to create memes using user comments and uploaded photos. This pilot project is being started and not pursued in a vigorous manner. Cost efficiency is the main focus, and not uptime or processing time. Which EC2 Instance should you choose, given these priorities?

A. On-Demand Instance

B. Spot Instance

C. Dedicated Instances

D. Scheduled Reserved Instances

Answer: B

Explanation:

Option B is WRONG. On Demand Instances are more expensive than spot instances.

Option B is correct. Spot instances are more cost-efficient. Interruptions are not considered an issue.

Option C is incorrect. Dedicated instances are instances that are only available to one user. These types of situations are not compatible with dedicated instances.

Option D is incorrect. Scheduled Reserved Incidents won't be preferred over spot instances in this scenario, because interruptions are not an issue. This scenario does not specify long-term requirements. Scheduled Reserved Instances do not require a long-term commitment.

Q2. Which S3 storage class is preferable for storing on-prem data backup (Secondary backup) copy?

A. S3 Standard

B. S3 Standard-Infrequent Access

C. S3 Intelligent-Tiering

D. S3 One Zone-Infrequent Access

Answer: D

Explanation:

The preferred S3 storage class should be S3 One Zone-Infrequent access as the other storage classes can be expensive. This scenario will require that the data be accessed only infrequently as it is a backup copy. Data resilience is not mandatory, as the data is a second backup copy.

Option B is INCORRECT. S3 standard will not be preferred because it will be expensive when the requirement can be met using S3 One Zone IA.

Option A is incorrect. HTML3 Standard-Infrequent access will not be preferred. However, it will not be expensive and the requirement can be met by using S3 One Zone IA.

Option C is incorrect. S3 Intelligent Tiering is wrong. This is because this is appropriate for data with changing patterns, and here the pattern does not change. This option is also expensive.

Option D is CORRECT.

Original Content Source: https://passyourcert.blogspot.com/2022/04/-certified-cloud-practitioner-exam-questions.html