CLF-C02 (Ref EXM 1)

Question 1

What are the three fundamental drivers of cost with AWS?

Answer 1

compute, storage, and outbound data transfer

Question 2

What is Amazon DynamoDB?

Answer 2

A fully managed, serverless, key-value NoSQL database designed to run high-performance applications at any scale

Question 3

What are some things DynamoDB offers?

Answer 3

DynamoDB offers built-in security, continuous backups, automated multi-region replication, in-memory caching, and data export tools.

Question 4

What is Amazon Macie?

Answer 4

Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS.

Question 5

What is AWS EC2 Instance Store?

Answer 5

An instance store provides temporary block-level storage for your instance. (Low latency storage, data does not persist when the instance is terminated).

Question 6

What is a EC2 Dedicated Host ?

Answer 6

An Amazon EC2 Dedicated Host allows you to use your eligible software licenses from vendors such as Microsoft and Oracle on Amazon EC2 so that you get the flexibility and cost-effectiveness of using your licenses, but with the resiliency, simplicity, and elasticity of AWS. (It is a physical server).

Question 7

What are the pretenses for removing an AWS account?

Answer 7

The AWS account must be able to operate as a standalone account. Only then it can be removed from AWS organizations

Question 8

What is Amazon Transcribe?

Answer 8

It is a way to add speech-to-text capability to your applications. (Uses deep learning process ASR to convert speech to text quickly and accurately).

Question 9

What are three best practice areas for Reliability in the cloud?

Answer 9

Foundations, Change Management, and Failure Management.

Question 10

What is AWS X-Ray used for?

Answer 10

You can use AWS X-Ray to analyze and debug serverless and distributed applications such as those built using a microservices architecture.

Question 11

Which security service of AWS is enabled for all AWS customers, by default, at no additional cost?

Answer 11

AWS Shield Standard

Question 12

How is AWS Web Application Firewall (AWS WAF) charged?

Answer 12

AWS WAF charges based on the number of web access control lists (web ACLs) that you create, the number of rules that you add per web ACL, and the number of web requests that you receive.

Question 13

What is AWS Secrets Manager?

Answer 13

The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle

Question 14

What is AWS Shield?

Answer 14

AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS.

Question 15

What is Amazon CloudWatch?

Answer 15

It is a service that monitors applications, responds to performance changes, optimizes resource use, and provides insights into operational health

Question 16

What can CloudWatch be used for?

Answer 16

CloudWatch provides data and actionable insights to monitor applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health.

Question 17

What is AWS Key Management Service (AWS KMS) ?

Answer 17

AWS Key Management Service (KMS) makes it easy for you to create and manage cryptographic keys and control their use across a wide range of AWS services and in your applications.

Question 18

What are the differences between Dedicated Hosts and Dedicated Instances?

Answer 18

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html

Question 19

Which 2 AWS services support VPC Endpoint Gateway?

Answer 19

Only Amazon S3 and Amazon DynamoDB support VPC gateway endpoint

Question 20

What is the minimum time charge for Linux EC2 instances?

Answer 20

One-minute minimum charge for Linux based EC2 instances

Question 21

Which of the following AWS Support plans provide access to guidance, configuration, and troubleshooting of AWS interoperability with third-party software?

Answer 21

AWS Business Support and AWS Enterprise Support

Question 22

What services do you get for AWS Enterprise Support?

Answer 22

You get 24x7 technical support from high-quality engineers, tools and technology to automatically manage the health of your environment, consultative architectural guidance delivered in the context of your applications and use-cases, and a designated Technical Account Manager (TAM) to coordinate access to proactive/preventative programs and AWS subject matter experts

Question 23

What services do you get for AWS Business Support?

Answer 23

You get 24x7 phone, email and chat access to technical support and architectural guidance in the context of your specific use-cases. You get full access to AWS Trusted Advisor Best Practice Checks. You get access to guidance, configuration, and troubleshooting of AWS interoperability with many common operating systems, platforms, and application stack

Question 24

What services do you get for AWS Developer Support?

Answer 24

This plan also supports general guidance on how services can be used for various use cases, workloads, or applications. You do not get access to Infrastructure Event Management with this plan.

Question 25

What services do you get for AWS Basic Support?

Answer 25

You get 24x7 access to customer service, documentation, whitepapers, and support forums. AWS Trusted Advisor - Access to the core Trusted Advisor checks and guidance to provision your resources following best practices to increase performance and improve security?

Question 26

What is AWS Compute Optimizer?

Answer 26

AWS Compute Optimizer recommends optimal AWS resources for your workloads to reduce costs and improve performance by using machine learning to analyze historical utilization metrics?

Question 27

What are AWS Budgets ?

Answer 27

AWS Budgets allows you to set custom budgets to track your cost and usage from the simplest to the most complex use cases.

Question 28

What is AWS Cost Explorer?

Answer 28

AWS Cost Explorer has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time.

Question 29

What is Amazon Inspector?

Answer 29

Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on your Amazon EC2 instances.

Question 30

What is customer managed key (CMK)?

Answer 30

Customer managed keys are KMS keys in your AWS account that you create, own, and manage.

Question 31

What is AWS Software Developer Kit (SDK)?

Answer 31

SDKs take the complexity out of coding by providing language-specific APIs for AWS services.

Question 32

Shared Responsibility Model Overview:

Answer 32

https://aws.amazon.com/compliance/shared-responsibility-model/

Question 33

What is AWS Deep Glacier Archive?

Answer 33

Amazon S3 Glacier Deep Archive is Amazon S3’s lowest-cost storage class and supports long-term retention and digital preservation for data that may be accessed once or twice in a year. (Reference to storage classes https://aws.amazon.com/s3/storage-classes/ )

Question 34

What is AWS Professional services?

Answer 34

The AWS Professional Services organization is a global team of experts that can help you realize your desired business outcomes when using the AWS Cloud?

Question 35

What is AWS Partner Network?

Answer 35

The AWS Partner Network (APN) is the global partner program for technology and consulting businesses that leverage Amazon Web Services to build solutions and services for customers.

Question 36

What are the 7 AWS Route 53 routing policies?

Answer 36

Simple routing
Failover routing
Geolocation routing
Geoproximity routing (traffic flow only)
Latency-based routing
IP-based routing
Multivalue answer routing
Weighted routing.(link https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html)

Question 37

What is AWS CloudTrail Logs?

Answer 37

AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. (Has encryption enabled by default)

Question 38

What is Amazon Redshift?

Answer 38

Amazon Redshift is a fully-managed petabyte-scale cloud-based data warehouse product designed for large scale data set storage and analysis.

Question 39

What are AWS security groups?

Answer 39

A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. Security groups act at the instance level, not at the subnet level. You can specify allow rules, but not deny rules. https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html

Question 40

What is a network ACL?

Answer 40

A network access control list (network ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets (i.e. it works at subnet level).
https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html

Question 41

What is Amazon Elastic Block Store (EBS) ?

Answer 41

is an easy to use, high-performance block storage service designed for use with Amazon Elastic Compute Cloud (EC2) for both throughput and transaction-intensive workloads at any scale.

Question 42

What is Amazon Elastic File System (Amazon EFS)?

Answer 42

EFS provides a simple, scalable, fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources.

Question 43

What is Access Key ID and Secret Access Key?

Answer 43

Access keys are long-term credentials for an IAM user or the AWS account root user. You can use access keys to sign programmatic requests to the AWS CLI or AWS API (directly or using the AWS SDK). Access keys consist of two parts: an access key ID and a secret access key. As a user name and password, you must use both the access key ID and secret access key together to authenticate your requests.

Question 44

What AWS services support reservation of instances to reduce costs?

Answer 44

Amazon Elastic Compute Cloud (Amazon EC2)
Amazon DynamoDB
Amazon Relational Database Service (Amazon RDS)

Question 45

What is APN Consulting Partner?

Answer 45

The AWS Partner Network (APN) is the global partner program for technology and consulting businesses that leverage Amazon Web Services to build solutions and services for customers.

Question 46

What is AWS Artifact?

Answer 46

AWS Artifact is your go-to, central resource for compliance-related information that matters to your organization. It provides on-demand access to AWS security and compliance reports and select online agreements.

Question 47

What is AWS Elastic Load Balancing (ELB)

Answer 47

Elastic Load Balancing (ELB) is used to automatically distribute your incoming application traffic across all the EC2 instances that you are running.

Question 48

What is AWS Abuse team?

Answer 48

The AWS Abuse team can assist you when AWS resources are used to engage in abusive behavior.

Question 49

What is AWS Direct Connect?

Answer 49

AWS Direct Connect is a cloud service solution that makes it easy to establish a dedicated network connection from your premises to AWS

Question 50

What is VPC Endpoint?

Answer 50

A VPC endpoint enables you to privately connect your VPC to supported AWS services and VPC endpoint services powered by AWS PrivateLink without requiring an internet gateway, NAT device, VPN connection, or AWS Direct Connect connection.

Question 51

What is AWS Global Accelerator (AMS SSPS)?

Answer 51

Global Accelerator is a network layer service in which you create accelerators to improve availability and performance for internet applications used by a global audience

Question 52

What is AWS Site-to-Site VPN ?

Answer 52

AWS Site-to-Site VPN creates a secure connection between your data center or branch office and your AWS cloud resources

Question 53

What is AWS Elastic Beanstalk?

Answer 53

AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with various programming languages

Question 54

What should you think with CloudTrail?

Answer 54

account-specific activity and audit

Question 55

What should you think with CloudWatch?

Answer 55

resource performance monitoring, events, and alerts

Question 56

What should you think with Config?

Answer 56

resource-specific change history, audit, and compliance