Free CLF-C02 Exam Braindumps

- (Exam Topic 3)
A company provides Amazon Workspaces to its remote employees. The company wants to prevent employees from using their virtual desktops to visit specific websites that are known to be malicious.
Which AWS service should the company use to meet this requirement?

1. A. AWS Shield Advanced
2. B. Amazon Route 53
3. C. Amazon GuardDuty
4. D. AWS Network Firewall

Correct Answer: D
https://aws.amazon.com/blogs/desktop-and-application-streaming/filtering-internet-traffic-from-amazon-worksp AWS Network Firewall extends protection beyond SG- and NACL-levels by protecting at the route level and offering stateless and stateful rules from layers 3 through 7 in the OSI Model. It uses the certificate fully qualified domain name (FQDN) or Server Name Indication (SNI) to determine if a website is allowed for HTTPS traffic. This is a commonly requested security requirement. Reviewing these design examples of AWS Network Firewall will accelerate your migration to Amazon WorkSpaces. AWS Network Firewall is a managed service, with no infrastructure to manage or patch you can simplify operational excellence. Native settings for advanced filtering (including domain name), and network traffic inspection can alert and block traffic related to malware. It also has layer 7 intrusion prevent system (IPS) rules, and the ability to apply TLS fingerprinting to prevent a spoofed IP or FQDN.

- (Exam Topic 1)
Which of the following are characteristics of AWS WAF? (Select TWO.)

1. A. Acts as a firewall that controls inbound and outbound traffic between Amazon EC2 instances
2. B. Acts as a firewall that controls inbound and outbound traffic between subnets
3. C. Gives users the ability to block traffic that has specific HTTP headers
4. D. Protects websites that are not hosted on AWS
5. E. Scans Amazon EC2 instances for common vulnerabilities

Correct Answer: BC
AWS WAF lets you create rules to filter web traffic based on conditions that include IP addresses, HTTP headers and body, or custom URIs. This gives you an additional layer of protection from web attacks that attempt to exploit vulnerabilities in custom or third party web applications. In addition, AWS WAF makes it easy to create rules that block common web exploits like SQL injection and cross site scripting.
AWS WAF allows you to create a centralized set of rules that you can deploy across multiple websites. This means that in an environment with many websites and web applications you can create a single set of rules that you can reuse across applications rather than recreating that rule on every application you want to protect.

- (Exam Topic 1)
A retail company is migrating its IT infrastructure applications from on premises to the AWS Cloud. Which costs will the company eliminate with this migration? (Select TWO.)

1. A. Cost of data center operations
2. B. Cost of application licensing
3. C. Cost of marketing campaigns
4. D. Cost of physical server hardware
5. E. Cost of network management

Correct Answer: AD

- (Exam Topic 1)
A company is planning to build a workload in the AWS Cloud. The company needs to estimate the costs of the network, compute, storage, and database for the workload. Which AWS service or tool should the company use to generate this estimate?

1. A. AWS Budgets
2. B. AWS Organizations
3. C. Cost Explorer
4. D. AWS Pricing Calculator

Correct Answer: D
To estimate a bill, use the AWS Pricing Calculator. Choose Create estimate, and then choose your planned resources by service.

- (Exam Topic 1)
A company wants a cost-effective option when running its applications in an Amazon EC2 instance for short time periods. The applications can be interrupted. Which EC2 instance type will meet these requirements?

1. A. Spot Instances
2. B. On-Demand Instances
3. C. Reserved Instances
4. D. Dedicated Instances

Correct Answer: A
Spot Instances - Spot Instances are the most cost-effective choice if you are flexible about when your applications run and if your applications can be interrupted.