Try 10 focused AWS CLF-C02 questions on Cloud Technology and Services, with explanations, then continue with IT Mastery.
Open the matching IT Mastery practice page for timed mocks, topic drills, progress tracking, explanations, and full practice.
| Field | Detail |
|---|---|
| Exam route | AWS CLF-C02 |
| Topic area | Cloud Technology and Services |
| Blueprint weight | 34% |
| Page purpose | Focused sample questions before returning to mixed practice |
Use this page to isolate Cloud Technology and Services for AWS CLF-C02. Work through the 10 questions first, then review the explanations and return to mixed practice in IT Mastery.
| Pass | What to do | What to record |
|---|---|---|
| First attempt | Answer without checking the explanation first. | The fact, rule, calculation, or judgment point that controlled your answer. |
| Review | Read the explanation even when you were correct. | Why the best answer is stronger than the closest distractor. |
| Repair | Repeat only missed or uncertain items after a short break. | The pattern behind misses, not the answer letter. |
| Transfer | Return to mixed practice once the topic feels stable. | Whether the same skill holds up when the topic is no longer obvious. |
Blueprint context: 34% of the practice outline. A focused topic score can overstate readiness if you recognize the pattern too quickly, so use it as repair work before timed mixed sets.
These questions are original IT Mastery practice items aligned to this topic area. They are designed for self-assessment and are not official exam questions.
Topic: Cloud Technology and Services
A media company wants a cost-effective AWS solution to store many terabytes of application log files for analytics and to host static HTML reports for users, without running or managing any servers. Which of the following actions/solutions will meet these requirements? (Select TWO.)
Options:
A. Store the log files and reports as rows in an Amazon RDS database and build an application layer to retrieve and display them to users.
B. Use Amazon S3 as the central data store for both log files and static reports, allowing analytics tools and content delivery services to access the data directly from S3.
C. Use Amazon EFS to store logs and reports and mount the file system on multiple EC2 instances that perform analytics and host a web server for users.
D. Use Amazon S3 buckets to store all log files and static HTML reports, and configure the bucket hosting the reports for Amazon S3 static website hosting.
E. Use Amazon S3 Glacier Deep Archive as the primary storage location for all logs and static reports so they are always instantly available through a website.
F. Use Amazon EBS volumes attached to Amazon EC2 instances to store log files and run a web server on EC2 to host the static reports.
Correct answers: B and D
Explanation: Amazon S3 is a fully managed object storage service designed to store and retrieve large amounts of data, such as log files, backups, and static web content, without requiring you to manage servers or file systems. It provides high durability, virtually unlimited scalability, and integrations with analytics tools and content delivery services.
For static web content like HTML reports, Amazon S3 can be configured for static website hosting, allowing users to access content directly from S3 without running web servers on Amazon EC2. Alternatives like EBS, EFS, and RDS either require you to manage underlying compute resources or are not optimized or cost-effective for large, file-based storage and static hosting at the Cloud Practitioner level.
Topic: Cloud Technology and Services
A company runs a latency-sensitive trading application in its on-premises data center and wants a more consistent, private network connection to its workloads in AWS than a VPN over the internet can provide. Which of the following actions/solutions will meet these requirements? (Select TWO.)
Options:
A. Provision an AWS Direct Connect dedicated connection from the on-premises data center to an AWS Region.
B. Use Amazon CloudFront to cache application data closer to end users instead of connecting the data center directly to AWS.
C. Set up an AWS Site-to-Site VPN connection over the public internet between the on-premises data center and an Amazon VPC.
D. Create multiple Site-to-Site VPN tunnels to different Availability Zones for higher availability.
E. Use an AWS Direct Connect Hosted Connection from an AWS Partner to link the on-premises data center to AWS.
Correct answers: A and E
Explanation: The company needs a private, more consistent network connection between its on-premises data center and AWS than a typical internet-based VPN can provide. AWS Direct Connect is designed for this use case by offering a dedicated network link into AWS, bypassing the public internet and typically delivering lower latency and more predictable bandwidth.
Both a standard dedicated AWS Direct Connect connection and an AWS Direct Connect Hosted Connection ordered through a partner provide this kind of private, dedicated connectivity. VPN-based options and content delivery services like Amazon CloudFront either still use the public internet or solve a different problem, so they do not fully meet the stated requirements for dedicated, consistent connectivity.
Topic: Cloud Technology and Services
A company’s web application has recently become much slower when users view popular product pages. Monitoring shows a high number of repeated read queries to the same tables in an Amazon RDS database. The team wants to reduce database load by storing frequently accessed data in memory while using a fully managed AWS service. Which service should they use?
Options:
A. Amazon S3
B. Amazon CloudFront
C. Amazon ElastiCache
D. Amazon DynamoDB
Best answer: C
Explanation: The symptom is that the application slows down when users access popular product pages, and monitoring shows many repeated read queries to the same RDS tables. This points to the database being a performance bottleneck due to redundant reads. The simple fix at a Cloud Practitioner level is to introduce a managed in-memory cache, so frequently accessed data can be served from memory instead of hitting the database each time. Amazon ElastiCache provides exactly this capability as a fully managed in-memory data store for caching, which can greatly reduce read load and improve response times.
Topic: Cloud Technology and Services
A company is designing a VPC for a web application. Web servers must be reachable from the internet, but database servers must never be directly accessible from the internet. Which approach best uses subnet segmentation to meet this security goal?
Options:
A. Place database servers in a public subnet for easier remote management and web servers in a private subnet to reduce attacks on the application tier.
B. Place both web servers and database servers in a single private subnet and use a bastion host in a public subnet for administrator access.
C. Place web servers in a public subnet associated with an internet gateway and database servers in a private subnet with no direct internet route, allowing only the web servers’ security group to reach the databases.
D. Place both web servers and database servers in the same public subnet and rely only on security groups to restrict database access.
Best answer: C
Explanation: Subnet segmentation in an Amazon VPC allows you to separate resources that must be publicly reachable from those that should remain internal. A common secure pattern is to place internet-facing resources, such as web servers, in a public subnet that has a route to an internet gateway, while keeping sensitive resources, such as databases, in private subnets with no direct route to the internet.
In this pattern, network access between tiers is tightly controlled using security groups and network ACLs. Only the web servers are reachable from the internet, and they can reach the databases over internal IP addresses. This limits the attack surface while still meeting the application’s connectivity needs.
The deciding attribute in this question is using separate public and private subnets so that only the web tier is exposed to the internet while the database tier remains internal. The correct option is the only one that clearly implements this separation using subnets plus security groups for controlled access.
Topic: Cloud Technology and Services
A company runs workloads in 12 Amazon VPCs in the same AWS Region and has a single on-premises data center connected to AWS by VPN. Managing individual VPC peering connections and separate VPN attachments has become complex and hard to scale. Which AWS service should the company use to centrally simplify this connectivity with a hub-and-spoke model?
Options:
A. AWS Direct Connect
B. VPC peering
C. AWS Transit Gateway
D. AWS Global Accelerator
Best answer: C
Explanation: AWS Transit Gateway is designed to simplify network connectivity for environments with many VPCs and one or more on-premises networks. It acts as a central hub that each VPC and the on-premises network can connect to, creating a hub-and-spoke topology instead of a full mesh of point-to-point connections. This reduces operational complexity and scales more easily as new VPCs or sites are added.
Topic: Cloud Technology and Services
A company manages dozens of similar development, test, and production environments across multiple AWS accounts. The team frequently rolls out new versions and wants infrastructure changes to be deployed in a consistent, automated way with minimal manual work in the AWS Management Console. Which of the following actions/solutions will meet these requirements? (Select TWO.)
Options:
A. Create Amazon CloudWatch dashboards to monitor the application’s performance after each release.
B. Use scripted AWS CLI commands integrated into a CI/CD system to apply infrastructure changes across environments.
C. Use AWS Pricing Calculator before each deployment to estimate the monthly costs of the new resources.
D. Use the AWS Management Console to manually create and update resources in each account and Region.
E. Define the infrastructure in AWS CloudFormation templates and deploy stacks for each environment.
Correct answers: B and E
Explanation: ✔ Define the infrastructure in AWS CloudFormation templates and deploy stacks for each environment. — This provides infrastructure as code so environments can be created and updated automatically and consistently.
✔ Use scripted AWS CLI commands integrated into a CI/CD system to apply infrastructure changes across environments. — This automates deployments through repeatable scripts, reducing manual work and human error.
✖ Use the AWS Management Console to manually create and update resources in each account and Region. — Manual console changes are not scalable or reliably repeatable.
✖ Use AWS Pricing Calculator before each deployment to estimate the monthly costs of the new resources. — Cost estimation is useful but does not help deploy or operate environments.
✖ Create Amazon CloudWatch dashboards to monitor the application’s performance after each release. — Monitoring performance is separate from automating deployments.
In this scenario, the key requirement is to deploy infrastructure changes frequently and consistently with minimal manual effort. Infrastructure-as-code tools like AWS CloudFormation and automated scripting with the AWS CLI in a CI/CD pipeline directly address this by enabling repeatable, automated deployments across many environments.
Topic: Cloud Technology and Services
A data analytics team runs short-lived EC2 instances to process large temporary datasets that are copied from Amazon S3 at the start of each job. The data does not need to be kept after the instance is stopped or terminated, and the team wants very high I/O performance at low cost. Which storage option is the MOST appropriate for the application data during processing?
Options:
A. Use EC2 instance store volumes attached to the instances for the processing data.
B. Use Amazon EFS so multiple EC2 instances can share the same durable file system for the temporary data.
C. Use Amazon EBS General Purpose SSD (gp) volumes so the data persists after the instances stop.
D. Store the processing data directly in Amazon S3 and access it over the network from the EC2 instances.
Best answer: A
Explanation: EC2 instance store volumes are high-performance block storage physically attached to the host server and are ideal for temporary data, such as scratch space or caches, where it is acceptable for data to be lost when the instance stops or is terminated. In this scenario, the data can be recreated from Amazon S3 on each run, so durability is not required and using instance store reduces cost and improves performance. Persistent services like Amazon EBS and Amazon EFS are better suited when you must retain data independently of the instance lifecycle.
Topic: Cloud Technology and Services
A retail company wants to automatically process thousands of customer product reviews each day. The marketing team needs to detect the sentiment (positive, negative, or neutral), extract key phrases, and identify the language of each review without building their own machine learning models. Which AWS service is the MOST appropriate for this requirement?
Options:
A. Amazon Rekognition
B. Amazon Transcribe
C. Amazon Comprehend
D. Amazon Translate
Best answer: C
Explanation: The scenario describes a need to analyze large volumes of customer reviews for sentiment, key phrases, and language detection using a managed service. Amazon Comprehend is designed for natural language processing and directly supports all of these capabilities without requiring custom ML development. Other AI services like Amazon Rekognition, Amazon Transcribe, and Amazon Translate solve different problems such as image/video analysis, speech-to-text, or translation, so they do not fully meet the described requirements. Choosing the NLP-focused service best aligns with the business need for text understanding at scale.
Topic: Cloud Technology and Services
An online retailer stores thousands of customer product reviews in Amazon S3. The company wants to automatically determine the sentiment (positive, negative, neutral) and extract key phrases from these reviews in multiple languages without building or training any machine learning models. Which AWS service is the most appropriate choice?
Options:
A. Amazon Athena
B. Amazon QuickSight
C. Amazon SageMaker AI
D. Amazon Comprehend
Best answer: D
Explanation: The scenario describes a need for text analysis functions such as sentiment detection and key phrase extraction in multiple languages, without building or training models. Amazon Comprehend is AWS’s fully managed NLP service that offers exactly these capabilities through simple APIs. This lets the retailer gain insights from reviews quickly without machine learning expertise or custom model development.
Topic: Cloud Technology and Services
Which deployment model is described when a company runs some applications in its on-premises data center and other applications in the AWS Cloud, with the environments connected and working together?
Options:
A. Cloud-only deployment model
B. Hybrid deployment model
C. On-premises-only deployment model
D. Hosted data center deployment model
Best answer: B
Explanation: The scenario describes workloads split between an on-premises data center and the AWS Cloud, with the two environments connected and working together. This is the definition of a hybrid deployment model. In a hybrid model, organizations can keep certain systems on-premises while taking advantage of cloud benefits for other workloads.
Use the AWS CLF-C02 Practice Test page for the full IT Mastery route, mixed-topic practice, timed mock exams, explanations, and web/mobile app access.
Try AWS CLF-C02 on Web View AWS CLF-C02 Practice Test
Read the AWS CLF-C02 Cheat Sheet on Tech Exam Lexicon, then return to IT Mastery for timed practice.