Free CLF-C01 Exam Braindumps

- (Exam Topic 1)
Which of the following are characteristics of AWS WAF? (Select TWO.)

1. A. Acts as a firewall that controls inbound and outbound traffic between Amazon EC2 instances
2. B. Acts as a firewall that controls inbound and outbound traffic between subnets
3. C. Gives users the ability to block traffic that has specific HTTP headers
4. D. Protects websites that are not hosted on AWS
5. E. Scans Amazon EC2 instances for common vulnerabilities

Correct Answer: BC
AWS WAF lets you create rules to filter web traffic based on conditions that include IP addresses, HTTP headers and body, or custom URIs. This gives you an additional layer of protection from web attacks that attempt to exploit vulnerabilities in custom or third party web applications. In addition, AWS WAF makes it easy to create rules that block common web exploits like SQL injection and cross site scripting.
AWS WAF allows you to create a centralized set of rules that you can deploy across multiple websites. This means that in an environment with many websites and web applications you can create a single set of rules that you can reuse across applications rather than recreating that rule on every application you want to protect.

- (Exam Topic 2)
What should a user do if the user loses an IAM secret access key?

1. A. Retrieve the secret access key by using the IAM console.
2. B. Create a new user with a new access key and a new secret access key.
3. C. Rotate the secret access key.
4. D. Request a new secret access key from AWS Support.

Correct Answer: C

- (Exam Topic 2)
A company moves a workload to AWS lo run on Amazon EC2 instances. The company needs to run the workload in the most cost-effective way.
What can the company do lo meet this requirement?

1. A. Use AWS Key Management Sen/ice (AWS KMS)
2. B. Use multiple AWS accounts and consolidated billing.
3. C. Use AWS CloudFormation to deploy the infrastructure.
4. D. Rightsize all the EC2 instances that are used in the deployment

Correct Answer: D

- (Exam Topic 3)
A company wants to protect resources that the company hosts on AWS, including Application Load Balancers and Amazon CloudFront distributions. The company wants an AWS service that can provide near real-time visibility into attacks on the company's resources. The service must also have a dedicated AWS team to assist with distributed denial of service (DDoS) attacks.
Which AWS service will meet these requirements?

1. A. AWS WAF
2. B. AWS Shield Standard
3. C. Amazon Macie
4. D. AWS Shield Advanced

Correct Answer: D
https://aws.amazon.com/shield/faqs/

- (Exam Topic 3)
A company needs to organize its resources and track AWS costs on a detailed level. The company needs to categorize costs by business department, environment, and application.
Which solution will meet these requirements?

1. A. Access the AWS Cost Management console to organize resources, set an AWS budget, and receive notifications of unintentional usage.
2. B. Use tags to organize the resource
3. C. Activate cost allocation tags to track AWS costs on a detailed level.
4. D. Create Amazon CloudWatch dashboards to visually organize and track costs individually.
5. E. Access the AWS Billing and Cost Management dashboard to organize and track resource consumption on a detailed level.

Correct Answer: A