Amazon AWS

AWS Certified Cloud Practitioner

CLF-C02
Popular

The AWS Certified Cloud Practitioner (CLF-C02) exam is designed for individuals who want to demonstrate their overall understanding of AWS Cloud. It covers basic AWS services and their benefits.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 441–450 of 486

Q441

You are configuring IAM policies for a team. What occurs when you set a policy to deny all actions?

  • A It overrides all allow policies
  • B Team can perform no actions
  • C Only specific roles are denied
  • D Allows actions based on conditions
Explanation A deny policy will always take precedence over allow policies, restricting actions regardless of other permissions. The others do not accurately represent IAM policy behavior.
Q442

What does Amazon EC2 stand for?

  • A Elastic Cloud Compute
  • B Enterprise Cloud Control
  • C Elastic Container Service
  • D Enhanced Cloud Environment
Explanation Amazon EC2 stands for Elastic Cloud Compute, while other options describe unrelated services.
Q443

A company needs to analyze potential cost savings for AWS services. Which service can help achieve this?

  • A AWS Cost Explorer
  • B AWS CloudTrail
  • C AWS Config
  • D AWS Direct Connect
Explanation AWS Cost Explorer provides detailed cost analysis, while the others serve different purposes.
Q444

You are configuring IAM policies for a user. What happens if a policy grants permission to perform an action but is also denied by another policy?

  • A The action is allowed
  • B The action is denied
  • C The user receives an error
  • D The decision is delayed
Explanation Deny overrides allow in IAM, so access will be denied despite the grant.
Q445

Which AWS service is primarily used for setting up a content delivery network?

  • A Amazon CloudFront
  • B Amazon S3
  • C AWS Lambda
  • D Amazon RDS
Explanation Amazon CloudFront accelerates content delivery globally, while the others serve different purposes.
Q446

A company needs to automate their application deployment using code. Which service should they use?

  • A AWS CloudFormation
  • B AWS Lambda
  • C Amazon EC2
  • D AWS IAM
Explanation AWS CloudFormation automates resource management, while others do not focus on infrastructure as code.
Q447

You are configuring a VPC with public and private subnets. What happens if you set a public subnet's route table without an internet gateway?

  • A Inaccessible from the Internet
  • B Accessed via VPN only
  • C Direct connection available
  • D Traffic routed through NAT
Explanation A public subnet needs an internet gateway for external access, making it inaccessible without it.
Q448

Which service helps to distribute incoming application traffic?

  • A Amazon CloudFront
  • B Amazon Route 53
  • C AWS Elastic Load Balancing
  • D AWS Direct Connect
Explanation AWS Elastic Load Balancing spreads traffic across multiple resources, while others serve different purposes.
Q449

A company needs to securely manage user access to AWS resources. Which feature should they implement?

  • A IAM Roles
  • B S3 Bucket Policies
  • C CloudTrail{
  • D AWS Config
Explanation IAM Roles are designed for controlling access securely, whereas the others serve different access or monitoring functions.
Q450

What happens when an S3 bucket policy denies all access?

  • A All actions denied immediately
  • B Permissions are still evaluated
  • C Bucket becomes private automatically
  • D Objects can still be accessed
Explanation A deny policy takes precedence, blocking all access immediately, while others suggest incorrect behaviors regarding permissions.