Free Exam/Cram Practice Materials - Best Exam Practice Materials

IT Certification Guaranteed, The Easy Way!

NO.1 Which AWS services or resources can a company use directly on its on-premises servers?
(Select TWO.)
A. AWS Storage Gateway
B. AWSOpsWorks
C. Amazon Cognito
D. AWS CloudFormation
E. Application Load Balancer
Answer: A,B

NO.2 A static website is hosted in an Amazon S3 bucket Several HTML pages on the site use
JavaScript to download images from another Amazon S3 bucket These images are not displayed
when users browse the site.
What is the possible cause for the issue?
A. The referenced Amazon S3 bucket is in another region
B. The images must be stored in the same Amazon S3 bucket
C. Cross Origin Resource Sharing must be enabled on the Amazon S3 bucket
D. Port 80 must be opened on the security group in which the Amazon S3 bucket is located
Answer: C

NO.3 A user with an AWS Basic Support plan has determined that illegal activities are being run on
their AWS resources. What is the recommended method for the user to report the activity to AWS
A. Contact an AWS technical account manager.
B. Contact the AWS Abuse team.
C. Contact the AWS Support team.
D. Contact the AWS Concierge Support team.
Answer: B

NO.4 Which AWS service will allow a user to set custom cost and usage limits, and will alert when
the thresholds are exceeded?
A. AWS Organizations
B. AWS Trusted Advisor
C. AWS Budgets
D. Cost Explorer
Answer: C

NO.5 A developer needs to use the AWS CLI on an on-premises development server temporarily to
access AWS services while performing maintenance. The developer needs to authenticate to AWS
with their identity for several hours.
What is the MOST secure way to call AWS CLI commands with the developer's IAM identity?
A. Specify the developer's IAM access key ID and secret access key as parameters for each CLI
command
B. Run the aws configure CLI command Provide the developer's IAM access key ID and secret access
key

2 from Freecram.net.
Get Latest & Valid CLF-C01 Exam's Question and Answers 1
https://www.freecram.net/exam/CLF-C01-amazon-aws-certified-solutions-architect-cloud-practitioner-e10654.html
 Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

C. Run the get-session-token CLI command with the developer's IAM user. Use the returned
credentials to call the CLI
D. Specify the developer's IAM profile as a parameter for each CLI command
Answer: B

NO.6 A company is building a mobile app to provide shopping recommendations to its customers.
The company wants to use a graph database as part of the shopping recommendation engine.
Which AWS database service should the company choose?
A. Amazon DynamoDB
B. Amazon Aurora
C. Amazon Neptune
D. Amazon DocumentDB (with MongoDB compatibility)
Answer: C

NO.7 A company has a managed IAM policy that does not grant the necessary permission for users
to accomplish required tasks.
How can this be resolved?
A. Use a third party web application firewall (WA( ) managed rule from the AWS Marketplace
B. Create a custom IAM policy
C. Use AWS Key Management Service (AWS KMS) to create a customer managed key
D. Enable AWS Shield Advanced
Answer: D

NO.8 A large organization has a single AWS account.

What are the advantages of reconfiguring the single account into multiple AWS accounts? (Select
TWO.)
A. Amazon QuickSight offers access to a cost tool that provides application-specific
recommendations for environments running in multiple accounts.
B. Having multiple accounts reduces the risks associated with malicious activity targeted at a single
account.
C. It allows for administrative isolation between different workloads.
D. Discounts can be applied on a quarterly basis by submitting cases in the AWS Management
Console.
E. Transitioning objects from Amazon S3 to Amazon S3 Glacier in separate AWS accounts will be less
expensive.
Answer: B,C

NO.9 A company is required lo store its data close to its primary users. Which benefit of the AWS
Cloud supports this requirement?
A. Security
B. Elasticity
C. High availability
D. Global footprint

3 from Freecram.net.
Get Latest & Valid CLF-C01 Exam's Question and Answers 2
https://www.freecram.net/exam/CLF-C01-amazon-aws-certified-solutions-architect-cloud-practitioner-e10654.html
 Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

Answer: D

NO.10 Under the AWS shared responsibility model what are the customer's responsibilities? (Select
TWO.)
A. Physical network devices including firewalls
B. Physical and environmental security
C. Data integrity authentication
D. Storage device decommissioning
E. Security of data in transit
Answer: D

NO.11 How does the AWS Cloud pricing model differ from the traditional on-premises storage
pricing model?
A. There are no software licensing costs
B. AWS resources do not incur costs
C. There are no Infrastructure operating costs
D. There are no upfront cost commitments
Answer: D

NO.12 The AWS Trusted Advisor checks include recommendations regarding which of the following?
(Select TWO.)
A. Available software patches
B. Number of users in the account
C. Multi-factor authentication enabled on the AWS account root user
D. Information on Amazon S3 bucket permissions
E. AWS service outages
Answer: A,D

NO.13 Which of the following security-related services does AWS offer? (Select TWO.)
A. Automated penetration testing
B. Data encryption
C. Amazon S3 copyrighted content detection
D. AWS Trusted Advisor security checks
E. Multi-factor authentication physical tokens
Answer: B,D
Explanation:
AWS encrypts data in transit and AWS Trusted Advisor is an application that draws upon best
practices learned from AWS' aggregated operational history of serving hundreds of thousands of
AWS customers. Trusted Advisor inspects your AWS environment and makes recommendations for
saving money, improving system performance, or closing security gaps.

NO.14 Which of the following enable a company to reserve capacity on AWS? (Select TWO.)
A. Reserved instance reporting

4 from Freecram.net.
Get Latest & Valid CLF-C01 Exam's Question and Answers 3
https://www.freecram.net/exam/CLF-C01-amazon-aws-certified-solutions-architect-cloud-practitioner-e10654.html
 Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

B. Zonal Reserved Instances

C. Savings Plans
D. On-Demand Capacity Reservations
E. AWS services in scope
Answer: C,D

NO.15 Which AWS service can a company use to manage encryption keys in the cloud?
A. AWS Certificate Manager (ACM)
B. AWS Directory Service
C. AWS License Manager
D. AWS CloudHSM
Answer: D

NO.16 A company is moving its development and test environments to AWS to increase agility and
reduce cost Because these are not production workloads and the servers are not fully utilized and
acceptable.
What is the MOST cost-effective Amazon EC2 pricing model that will meet these requirements?
A. Dedicated Hosts
B. Spot Instances
C. On-Demand Instances
D. Reserved Instances
Answer: C
Explanation:
On-demand - The Most Flexible. As the name implies, on-demand is the most flexible, pay-as-you-go
pricing option. With on-demand instances, you pay for compute capacity on an hourly or per second
basis and only pay for the EC2 instances you actually use.

NO.17 Which of the following will help a user determine if they need to request a VPC service limit
increase?
A. AWS Personal Health Dashboard
B. AWS Trusted Advisor
C. AWS Cost and Usage Report
D. AWS Service Catalog
Answer: A
Explanation:
AWS Cost and Usage Reports tracks your AWS usage and provides estimated charges associated with
your account. Each report contains line items for each unique combination of AWS products, usage
type, and operation that you use in your AWS account.
AWS Trusted Advisors provides recommendations that help you follow AWS best practices. Trusted
Advisor evaluates your account by using checks. These checks identify ways to optimize your AWS
infrastructure, improve security and performance, reduce costs, and monitor service quotas.
AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing
events that may impact you. ... The dashboard displays relevant and timely information to help you
manage events in progress, and provides proactive notification to help you plan for scheduled

5 from Freecram.net.
Get Latest & Valid CLF-C01 Exam's Question and Answers 4
https://www.freecram.net/exam/CLF-C01-amazon-aws-certified-solutions-architect-cloud-practitioner-e10654.html
 Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

activities.
AWS Service Catalog allows organizations to create and manage catalogs of IT services that are
approved for use on AWS. These IT services can include everything from virtual machine images,
servers, software, and databases to complete multi-tier application architectures.

NO.18 A company has a workload that requires data to be collected, analyzed and stored on
premises The company wants to extend the use of AWS services to run on premises with access to
the company network and the company's VPC.
Which AWS service meets this requirement?
A. AWS Snowball
B. AWS Storage Gateway
C. AWS Direct Connect
D. AWS Outposts
Answer: B

NO.19 Which service's PRIMARY purpose is software version control?

A. AWS CodeCommit
B. AWS Command Line Interface (AWS CLI)
C. Amazon Cognito
D. Amazon CodeStar
Answer: A

NO.20 A company is managing millions of documents in hundreds of Amazon S3 buckets that are
located in multiple AWS Regions. The company needs to find out if the S3 buckets are hosting
information (PII).
What can the company do to meet this requirement with the LEAST amount of operational
overhead?
A. Use AWS Lambda functions to review each file in the S3 buckets to identify PII
B. Use Amazon Detective to identify any PII that is stored in the S3 buckets
C. Use Amazon Macie to identify and provide alerts about PII
D. Use AWS Trusted Advisor to generate PII notifications
Answer: C
Explanation:
Macie automatically detects a large and growing list of sensitive data types, including personally
identifiable information (PII) such as names, addresses, and credit card numbers. It also gives you
constant visibility of the data security and data privacy of your data stored in Amazon S3.

NO.21 Which AWS service gives a company the ability to use a private, dedicated connection
between a VPC and an on-premises data center?
A. AWS CloudFormation
B. Amazon API Gateway
C. AWS Direct Connect
D. AWS Systems Manager
Answer: C

6 from Freecram.net.
Get Latest & Valid CLF-C01 Exam's Question and Answers 5
https://www.freecram.net/exam/CLF-C01-amazon-aws-certified-solutions-architect-cloud-practitioner-e10654.html
 Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

NO.22 Which tool should a developer use to integrate AWS service features directly into an
application?
A. AWS Software Development Kit
B. AWS Batch
C. AWS CodeDeploy
D. AWS Lambda
Answer: A

NO.23 A customer needs to run a MySQL database that easily scales.

Which AWS service should they use?
A. Amazon Redshift
B. Amazon DynamoDB
C. Amazon ElastiCache
D. Amazon Aurora
Answer: D

NO.24 A company wants to ensure that two Amazon EC2 instances are in separate data centers with
minimal communication latency between the data centers.
How can the company meet this requirement?
A. Place both EC2 instances in a placement group for dedicated bandwidth
B. Place the EC2 instances in two separate AWS Regions connected with a VPC peering connection
C. Place one EC2 instance on premises and the other in an AWS Region. Then connect them by using
an AWS VPN
D. Place the EC2 instances in two separate Availability Zones within the same AWS Region
Answer: D

NO.25 How can consolidated billing within AWS Organizations help lower overall monthly expenses?
A. By providing a consolidated view of monthly billing across multiple accounts
B. By leveraging service control policies (SCPs) tor centralized service management
C. By pooling usage across multiple accounts to achieve a pricing tier discount
D. By automating the creation of new accounts through APIs
Answer: B

NO.26 An Elastic Load Balancer allows the distribution of web traffic across multiple:
A. AWS Regions.
B. Dedicated Hosts
C. Availability Zones.
D. Amazon S3 buckets.
Answer: C

NO.27 Which AWS service is suited for use cases that require data system?
A. Amazon Elastic Block Store (Amazon EBS)

7 from Freecram.net.
Get Latest & Valid CLF-C01 Exam's Question and Answers 6
https://www.freecram.net/exam/CLF-C01-amazon-aws-certified-solutions-architect-cloud-practitioner-e10654.html
 Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

B. Amazon S3
C. Amazon FSx for Lustre
D. Amazon Elastic File System (Amazon EFS)
Answer: A

NO.28 A retail company needs to build a highly available architecture for a new ecommerce
platform. The company is using only AWS services that replicate data across multiple Availability
Zones.
Which AWS services should the company use to meet this requirement? (Select TWO.)
A. Amazon Redshift
B. Amazon Elastic Block Store (Amazon EBS)
C. Amazon Aurora
D. Amazon EC2
E. Amazon DynamoDB
Answer: C,E

NO.29 A company wants to store a copy of its on-premises data backups to the AWS Cloud. Data
durability is not a concern, but the company wants to be able to begin retrieval of the data within
milliseconds.
What is the MOST cost-effective storage solution?
A. Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA)
B. Amazon S3 Glacier
C. Amazon S3 Standard
D. Amazon S3 Standard-Infrequent Access (S3 Standard-IA)
Answer: A

NO.30 A company has a serverless application that uses AWS Lambda functions and AWS Systems
Manager parameters to store configuration data The company moves the Lambda functions inside
the VPC and into private subnets The Lambda functions are now producing errors in their attempts to
access Systems Manager parameters.
Which solution will allow the Lambda functions to access Systems Manager parameters inside the
VPC?
A. Configure security groups to allow access to Systems Manager
B. Use an internet gateway from inside the VPC
C. Create an interface VPC endpoint for Systems Manager
D. Create a gateway VPC endpoint for Systems Manager
Answer: D

8 from Freecram.net.
Get Latest & Valid CLF-C01 Exam's Question and Answers 7
https://www.freecram.net/exam/CLF-C01-amazon-aws-certified-solutions-architect-cloud-practitioner-e10654.html