Amazon AWS

AWS Certified Cloud Practitioner

CLF-C02
Popular

The AWS Certified Cloud Practitioner (CLF-C02) exam is designed for individuals who want to demonstrate their overall understanding of AWS Cloud. It covers basic AWS services and their benefits.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 261–270 of 486

Q261

You are configuring IAM roles for a new application. Which policy type is unrestricted and allows actions within specified limits?

  • A Identity-based policy
  • B Resource-based policy
  • C Service control policy
  • D Permission boundary
Explanation Permission boundaries define limits for IAM roles, whereas the others govern permissions differently.
Q262

Which AWS service is best for real-time event processing?

  • A Amazon Kinesis
  • B AWS S3
  • C AWS Lambda
  • D Amazon RDS
Explanation Amazon Kinesis is designed for real-time processing, while the others serve different use cases.
Q263

A company needs to share objects stored in S3 securely with external parties. What should they use?

  • A S3 bucket policy
  • B CloudFront distribution
  • C Direct Connect
  • D VPN Connection
Explanation An S3 bucket policy can securely control access, whereas the other options are unrelated to S3 permissions.
Q264

What happens when an EC2 instance is terminated?

  • A Data persists in EBS
  • B Data is lost in EBS
  • C Instance state is saved
  • D Instance is reused immediately
Explanation By default, data on an instance store volume is lost; EBS needs proper configuration for persistence.
Q265

A company needs to store large amounts of unstructured data. Which AWS service should they use?

  • A Amazon S3
  • B Amazon RDS
  • C AWS Lambda
  • D Amazon DynamoDB
Explanation Amazon S3 is designed for unstructured data, while RDS is for structured data, Lambda for serverless functions, and DynamoDB is a NoSQL database.
Q266

What happens when you enable versioning on an S3 bucket?

  • A Old versions are deleted
  • B Each new upload overwrites existing
  • C Previous versions are preserved
  • D Bucket becomes read-only
Explanation Enabling versioning preserves all versions of objects, while A and B are incorrect, and D is not true as the bucket remains writable.
Q267

You are configuring an IAM policy. What is the default permission for a new IAM user?

  • A Administrator access
  • B No permissions
  • C S3 read-only access
  • D Full permissions on EC2
Explanation By default, new IAM users have no permissions until specifically granted, whereas A, C, and D inaccurately suggest predefined permissions.
Q268

Which AWS service allows you to run code without provisioning servers?

  • A AWS Lambda
  • B Amazon EC2
  • C Amazon S3
  • D AWS CloudFormation
Explanation AWS Lambda is designed for serverless computing, while EC2 requires server provisioning, S3 is for storage, and CloudFormation is for infrastructure management.
Q269

A company needs to securely store sensitive data. Which AWS service should it use for automatic encryption at rest?

  • A Amazon Athena
  • B Amazon RDS
  • C Amazon S3
  • D AWS IAM
Explanation Amazon S3 automatically encrypts data at rest if configured, while RDS, Athena, and IAM do not inherently provide this feature.
Q270

What happens when you modify an IAM policy attached to a user?

  • A Access is immediately revoked.
  • B Only new permissions are added.
  • C Both new and old permissions are used.
  • D Existing permissions are overridden.
Explanation Modifying an IAM policy overrides existing permissions, while not all new permissions are retained or added, and revocation happens immediately.