Amazon AWS

AWS Certified Cloud Practitioner

CLF-C02
Popular

The AWS Certified Cloud Practitioner (CLF-C02) exam is designed for individuals who want to demonstrate their overall understanding of AWS Cloud. It covers basic AWS services and their benefits.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 131–140 of 486

Q131

A company needs to analyze large datasets in real-time. Which AWS service is ideal for this requirement?

  • A Amazon S3
  • B Amazon Redshift
  • C Amazon Kinesis
  • D AWS Glue
Explanation Amazon Kinesis is designed for real-time data processing, while others focus on storage or batch processing.
Q132

What happens when you use an IAM policy with an 'Allow' statement at the resource level and an explicit 'Deny' at the account level?

  • A Allow overrides Deny
  • B Deny takes precedence
  • C Neither applies
  • D Allow is ignored
Explanation In IAM, explicit Deny always takes precedence over Allow, ensuring no permissions are granted.
Q133

Which service provides a managed environment for running containers?

  • A AWS Lambda
  • B Amazon ECS
  • C AWS CloudFormation
  • D Amazon RDS
Explanation Amazon ECS is specifically designed for container orchestration, while the others serve different purposes.
Q134

A company needs to securely store access keys for their applications. Which AWS service should they use?

  • A AWS Secrets Manager
  • B AWS S3
  • C Amazon Aurora
  • D AWS IAM
Explanation AWS Secrets Manager is designed for storing sensitive information securely, unlike the others.
Q135

What happens when an IAM user has multiple group memberships?

  • A Denies all permissions
  • B Combines all group permissions
  • C Only uses the least privileged group
  • D Uses only the first group's permissions
Explanation IAM users receive permissions that are the union of all the attached groups' permissions.
Q136

Which service provides a managed NoSQL database option on AWS?

  • A Amazon DynamoDB
  • B Amazon RDS
  • C Amazon Aurora
  • D Amazon Redshift
Explanation DynamoDB is a managed NoSQL service; RDS, Aurora, and Redshift are SQL-based services.
Q137

A company needs to securely manage credentials for its applications. What AWS service should they use?

  • A AWS Key Management Service
  • B AWS IAM
  • C AWS Secrets Manager
  • D AWS Config
Explanation AWS Secrets Manager is explicitly designed for managing sensitive information like credentials; IAM manages permissions, not secrets.
Q138

You are configuring an Amazon S3 bucket policy; what will happen if you deny all actions in your bucket policy?

  • A No user can access the bucket
  • B All users can still access it
  • C Only admins can manage the bucket
  • D Public access is granted by default
Explanation Denying all actions prevents any access to the bucket; there is no implicit allow.
Q139

Which service allows you to manage permissions centrally in AWS?

  • A AWS IAM
  • B AWS CloudTrail
  • C AWS Inspector
  • D Amazon S3
Explanation AWS IAM is specifically designed for managing permissions, while others serve different purposes like auditing or storage.
Q140

A company needs a scalable web application without managing servers. Which AWS service should they use?

  • A Amazon EC2
  • B AWS Lambda
  • C Amazon RDS
  • D Amazon S3
Explanation AWS Lambda allows running code without provisioning or managing servers, unlike EC2, which requires server management.