AWS Certified Cloud Practitioner (CLF-C02) Mock Test

Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3.

Amazon EFS provides simple, scalable, elastic file storage for use with AWS Cloud services and on-premises resources. It is built to scale on demand to petabytes without disrupting applications, growing and shrinking automatically as you add and remove files.

AWS Snowball is a petabyte-scale data transport solution that uses secure appliances to transfer large amounts of data into and out of the AWS Cloud. It's useful when network bandwidth is limited or transferring large data over the internet is too slow or costly.

Agility in the AWS Cloud refers to the ability to innovate and experiment quickly. AWS allows organizations to spin up resources in minutes, try new ideas, and decommission resources if an experiment fails, reducing the risk and cost of innovation.

The AWS Cloud Adoption Framework (AWS CAF) provides guidance and best practices to help organizations build a comprehensive approach to cloud computing across the organization and throughout the IT lifecycle to accelerate successful cloud adoption.

AWS KMS is a managed service that makes it easy for you to create and control the encryption keys used to encrypt your data. It uses Hardware Security Modules (HSMs) to protect the security of your keys.

AWS Certificate Manager (ACM) is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources.

The root user has unrestricted access. It's a best practice to enable Multi-Factor Authentication (MFA) for the root user and avoid using it for daily tasks. Create IAM users for administrative tasks.

A security group acts as a virtual firewall for your EC2 instances to control incoming and outgoing traffic. Security groups are stateful.

Amazon S3 Glacier and S3 Glacier Deep Archive are secure, durable, and extremely low-cost Amazon S3 cloud storage classes for data archiving and long-term backup.

An AWS Region is a physical geographic location in the world where AWS clusters data centers. Each Region consists of multiple, isolated, and physically separate Availability Zones within that geographic area.

The AWS Well-Architected Framework helps cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications and workloads based on five pillars.

IAM access keys should be rotated regularly to reduce the risk if they are compromised. Long-lived static credentials should be avoided where possible.

Fault tolerance is the property that enables a system to continue operating properly in the event of the failure of some of its components.

Amazon CloudWatch is a monitoring and observability service built for DevOps engineers, developers, site reliability engineers (SREs), and IT managers. CloudWatch provides you with data and actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health.

Amazon Elastic Block Store (EBS) provides persistent block-level storage volumes for use with Amazon EC2 instances. Each EBS volume is automatically replicated within its Availability Zone to protect you from component failure.

A Network ACL is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. NACLs are stateless.

Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions, in one or more Availability Zones.

Amazon Simple Storage Service (S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance. It's commonly used for backup, archiving, data lakes, and hosting static websites.

Amazon Route 53 is a scalable and highly available Domain Name System (DNS) web service. It is designed to give developers and businesses an extremely reliable and cost-effective way to route end users to Internet applications.

Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices.

Cloud computing is the on-demand delivery of IT resources over the Internet with pay-as-you-go pricing. This allows businesses to access compute power, storage, and databases without managing physical data centers.

AWS Auto Scaling monitors your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost. It can scale multiple resources across multiple services.

Reserved Instances (RIs) provide a significant discount (up to 72%) compared to On-Demand pricing in exchange for a commitment to use a specific instance type in a specific Region for a 1-year or 3-year term.

AWS Trusted Advisor inspects your AWS environment and makes recommendations to help you follow AWS best practices in areas like cost optimization, security, fault tolerance, performance, and service limits.

Scalability is the ability of an application or system to handle a growing amount of work by adding resources, either vertically (increasing the size of existing resources) or horizontally (adding more resources).

The Enterprise Support plan provides access to a designated Technical Account Manager (TAM) who provides proactive guidance and helps you design, deploy, and manage your applications on AWS.

Amazon EC2 provides virtual servers (instances), which is a fundamental IaaS offering, giving users control over the operating system and underlying compute resources.

AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS’s security and compliance reports and select online agreements.

AWS Cost Explorer has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time. You can view data up to the last 13 months, forecast how much you’re likely to spend for the next three months, and get recommendations for what Reserved Instances to purchase.

Amazon Aurora is a MySQL and PostgreSQL-compatible relational database built for the cloud, that combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open source databases.

Amazon Macie is a data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS. Macie automatically detects a large and growing list of sensitive data types, including personally identifiable information (PII) such as names, addresses, and credit card numbers.

AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS. You simply upload your code, and Elastic Beanstalk automatically handles the deployment.

PaaS provides a platform for customers to develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app. The provider manages the underlying infrastructure.

Hosting a static website on Amazon S3 is a cost-effective, scalable, and reliable solution. It eliminates the need to manage web servers.

The AWS Pricing Calculator lets you explore AWS services and create an estimate for the cost of your use cases on AWS. It's useful for planning and budgeting before deploying resources.

Amazon DynamoDB is a key-value and document database that delivers single-digit millisecond performance at any scale. It's a fully managed, multi-region, multi-active, durable database with built-in security, backup and restore, and in-memory caching for internet-scale applications.

AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely. You can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.

Amazon Redshift is a fast, fully managed, petabyte-scale data warehouse service that makes it simple and cost-effective to analyze all your data using your existing business intelligence tools.

PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment. AWS is PCI DSS compliant.

The Reliability pillar focuses on ensuring a workload performs its intended function correctly and consistently when it’s expected to. This includes the ability to operate and test the workload through its total lifecycle and to recover from failures.

An IAM role is an IAM identity that you can create in your account that has specific permissions. It is similar to an IAM user, in that it is an AWS identity with permission policies that determine what the identity can and cannot do in AWS. However, instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it.

AWS CloudFormation gives developers and systems administrators an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion (Infrastructure as Code).

AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources.

AWS Control Tower provides the easiest way to set up and govern a new, secure, multi-account AWS environment. It automates the setup of a baseline environment, or landing zone, that is a secure, well-architected, multi-account AWS environment.

The AWS Free Tier enables you to gain free, hands-on experience with the AWS platform, products, and services. It includes offers that are always free, 12 months free, and short-term trials.

For EC2, the customer is responsible for tasks such as guest operating system patching, security group configuration, and managing data encryption within the instance.

The principle of least privilege is a security concept that states users and applications should only be granted the minimum permissions necessary to perform their tasks.

AWS Budgets allows you to set custom budgets to track your cost and usage from the simplest to the most complex use cases. You can also set alerts to notify you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount.

Availability Zones (AZs) are distinct locations within an AWS Region that are engineered to be isolated from failures in other AZs. Deploying resources across multiple AZs enhances high availability.

Amazon ECS is a fully managed container orchestration service that helps you easily deploy, manage, and scale containerized applications. It integrates with other AWS services like IAM, VPC, and Elastic Load Balancing.

The AWS Shared Responsibility Model defines that AWS is responsible for the security 'of' the cloud (infrastructure, hardware, software, facilities), while the customer is responsible for security 'in' the cloud (data, platform, applications, identity, and access management).

Amazon Simple Queue Service (SQS) is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications.

AWS Organizations helps you centrally govern your environment as you grow and scale your workloads on AWS. You can create service control policies (SCPs) to manage permissions across multiple AWS accounts.

Moving to the AWS Cloud allows companies to trade capital expenses (like buying servers) for variable expenses (paying only for what they use), reducing upfront investment and operational costs.

AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations.

AWS Direct Connect is a cloud service solution that makes it easy to establish a dedicated network connection from your premises to AWS. Using AWS Direct Connect, you can establish private connectivity between AWS and your datacenter, office, or colocation environment.

AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS. AWS Shield Standard is automatically enabled for all AWS customers at no additional charge.

Amazon RDS makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching, and backups.

Pay-as-you-go pricing means you only pay for the resources you consume, for as long as you use them, without long-term contracts or upfront commitments. This allows for cost savings and flexibility.

Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment.

A hybrid cloud deployment model combines public cloud resources (like AWS) with private cloud resources (on-premises infrastructure) or other clouds, allowing data and applications to be shared between them.

Amazon CloudFront is a content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency and high transfer speeds, all within a developer-friendly environment.

Elasticity is the ability of the cloud to automatically scale resources up or down based on demand, ensuring that you have the capacity you need while only paying for what you use.

AWS Lambda is a serverless compute service that lets you run code without provisioning or managing servers. You pay only for the compute time you consume.