CLF-C02 Amazon Web Services Exam Lab Questions

AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. You can use IAM to create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources. IAM is always provided at nocharge12. References: 1: AWS Identity and Access Management (IAM) - Amazon Web Services (AWS), 2: Which aws service is always provided at no charge? - Brainly.in

AnIAM useris created when the company needs to provide unique credentials (username and password) to individuals who need access to the AWS Management Console or programmatic access (using access keys) to AWS services.

B. When the company creates AWS access credentials for individuals: Correct, as an IAM user is created to provide credentials for specific individuals.

D. When the company needs to add users to IAM groups: Correct, as IAM users can be added to groups to apply permissions and policies at a group level.

A. When an application that runs on Amazon EC2 instances requires access to other AWS services: Incorrect, as an IAM role is more appropriate for applications running on EC2 to assume temporary credentials.

C. When the company creates an application that runs on a mobile phone that makes requests to AWS: Incorrect, as using Cognito or a role with temporary credentials is more suitable.

E. When users are authenticated in the corporate network and want to be able to use AWS without having to sign in a second time: Incorrect, as this use case typically involves IAM roles combined with AWS Single Sign-On (SSO).

AWS Cloud References:

IAM Users and Groups

IAM Roles

Spot Instances are a type of EC2 instance that let you bid on unused compute capacity, which AWS offers at a discount of up to 90% compared to On-Demand prices1. Spot Instances are suitable for fault-tolerant, stateless, or flexible applications that can handle interruptions2. Spot Instances can be interrupted with a two-minute warning when EC2 needs the capacity back3. The other options are not pricing models that will interrupt a running EC2 instance if capacity becomes temporarily unavailable

AWS Artifact is a self-service portal that provides on-demand access to AWS security and compliance reports and select online agreements. Users can download reports such as AWS ISO certifications, PCI reports, SOC reports, and GDPR DPA, and review and accept agreements such as BAA and NDA. AWS Artifact helps users to understand and meet compliance requirements for various standards and regulations that apply to AWS services and infrastructure. AWS Artifact is the best resource for a user to find compliance-related information and reports about AWS, whereas the other options are not