Sure Pass Exam CLF-C02 PDF

Customers share responsibility with AWS for security and compliance of AWS accounts and resources. This is part of the AWS shared responsibility model, which defines the division of responsibilities between AWS and the customer for security and compliance. AWS is responsible for the security of the cloud, which includes the physical and environmental controls of the AWS global infrastructure, such as power, cooling, fire suppression, and physical access. The customer is responsible for the security in the cloud, which includes the configuration and management of the AWS resources and applications, such as identity and access management, encryption, firewall, and backup. For more information, see AWS Shared Responsibility Model and AWS Cloud Security.

Amazon GuardDuty is a service that provides intelligent threat detection and continuous monitoring for the AWS environment. It analyzes network and account activity using machine learning and threat intelligence to identify potential security threats, such as unauthorized access, compromised credentials, malicious hosts, and reconnaissance activities. It also generates detailed and actionable findings that can be viewed on the AWS Management Console or sent to other AWS services, such as Amazon CloudWatch Events and AWS Lambda, for further analysis or remediation. Amazon GuardDuty OverviewAWS Certified Cloud Practitioner - aws.amazon.com

Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability. It supports both key-value and document data models, and allows you to create tables that can store and retrieve any amount of data, and serve any level of request traffic. You can also use DynamoDB Streams to capture data modification events in DynamoDB tables.

 The correct answers are B and D because making data-driven decisions to determine cloud architectural design and testing systems at production scale are AWS Cloud design principles. Making data-driven decisions to determine cloud architectural design means that users should collect and analyze data from their AWS resources and applications to optimize their performance, availability, security, and cost. Testing systems at production scale means that users should simulate real-world scenarios and load conditions to validate the functionality, reliability, and scalability of their systems. The other options are incorrect because they are not AWS Cloud design principles. Paying for compute resources in advance means that users have to invest heavily in data centers and servers before they know how they will use them. This is not a cloud design principle, but rather a traditional IT model. Emphasizing manual processes to allow for changes means that users have to rely on human intervention and coordination to perform operational tasks and updates. This is not a cloud design principle, but rather a source of inefficiency and error. Refining operational procedures infrequently means that users have to stick to the same methods andpractices without adapting to the changing needs and feedback. This is not a cloud design principle, but rather a hindrance to innovation and improvement. Reference: AWS Well-Architected Framework