CLF-C02 Online Practice Questions

Home / Amazon / CLF-C02

Latest CLF-C02 Exam Practice Questions

The practice questions for CLF-C02 exam was last updated on 2025-04-26 .

Viewing page 1 out of 50 pages.

Viewing questions 1 out of 250 questions.

Question#1

Which AWS service or resource can a company use to deploy AWS WAF rules?

A. Amazon EC2
B. Application Load Balancer
C. AWS Trusted Advisor
D. Network Load Balancer

Explanation:
Application Load Balancer (ALB) integrates with AWS WAF to deploy and manage WAF rules for incoming traffic. ALB can route HTTP and HTTPS traffic and apply WAF rules to protect applications from common web exploits. Network Load Balancer does not support AWS WAF, and Trusted Advisor does not deploy WAF rules.

Question#2

A company has a client that uses an Amazon RDS database. The client requests Information about operating system-level upgrades on the AWS resources that host the RDS database. The company employs a third-party provider to monitor the RDS database.
Who is responsible for upgrading the operating systems for Amazon RDS under the AWS shared responsibility model?

A. The client
B. The company
C. AWS
D. The third-party provider

Explanation:
Under the AWS shared responsibility model, AWS is responsible for managing the underlying infrastructure, including operating system-level updates on managed services like Amazon RDS.
Customers are responsible for managing the database instance and configurations, but AWS handles OS updates for the infrastructure supporting RDS.

Question#3

Which AWS service is used for content delivery and caching?

A. AWS Lambda
B. Amazon S3
C. Amazon EC2
D. Amazon CloudFront

Question#4

Which AWS tool or feature acts as a VPC firewall at the subnet level?

A. Security group
B. Network ACL
C. Traffic Mirroring
D. Internet gateway

Explanation:
Network ACLs (NACLs) are subnet-level firewalls in AWS, controlling inbound and outbound traffic for VPC subnets. They provide an additional layer of security by allowing or denying traffic based on IP protocol, source and destination IP, and port. Security groups operate at the instance level, while Traffic Mirroring and Internet Gateways do not function as firewalls at the subnet level.

Question#5

A company needs to implement identity management for a fleet of mobile apps that are running in the AWS Cloud.
Which AWS service will meet this requirement?

A. Amazon Cognito
B. AWS Security Hub
C. AWS Shield
D. AWS WAF

Explanation:
Amazon Cognito is a service that provides identity management for mobile and web applications, allowing users to sign up, sign in, and access AWS resources with different identity providers. AWS Security Hub is a service that provides a comprehensive view of the security posture of AWS accounts and resources. AWS Shield is a service that provides protection against distributed denial of service (DDoS) attacks. AWS WAF is a web application firewall that helps protect web applications from common web exploits.

Exam Code: CLF-C02Q & A: 789 Q&AsUpdated:  2025-04-26

 Get All CLF-C02 Q&As

Top 20 Exams

CertQuestionsBank doesn't offer Real Microsoft, Amazon, Cisco Exam Questions. All CertQuestionsBank content is sourced from the Internet.

Important Links

Know Us

Follow Us

Copyright © 2025 CertQuestionsBank NETWORK CO.,LIMITED. All Rights Reserved.