This first practice exam is designed to assess your understanding of AWS Cloud Practitioner fundamentals. It contains 20 questions across all four exam domains and should take approximately 30 minutes to complete. Questions mirror the style and difficulty of the real AWS CLF-C02 exam, testing both conceptual knowledge and applied understanding. Read each question carefully, select your best answer, then expand the accordion to check the correct answer and a detailed explanation.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/roxsross/aws-cloud-practitioner-complete-guide/llms.txt
Use this file to discover all available pages before exploring further.
Exam Instructions
Set Your Environment
Answer All Questions First
Check Your Answers
Domain 1: Cloud Concepts (5 Questions)
Question 1: Which of the following best defines cloud computing according to AWS?
Question 1: Which of the following best defines cloud computing according to AWS?
- A) Renting physical servers in a third-party data center
- B) On-demand delivery of IT resources over the internet with pay-as-you-go pricing
- C) Storing all company data on external hard drives managed by a vendor
- D) Using virtualization software installed on local company hardware
Question 2: A company is using both an on-premises data center and AWS cloud services together for their workloads. Which cloud deployment model does this describe?
Question 2: A company is using both an on-premises data center and AWS cloud services together for their workloads. Which cloud deployment model does this describe?
- A) Public cloud
- B) Private cloud
- C) Hybrid cloud
- D) Community cloud
Question 3: Which of the following is one of the six advantages of cloud computing cited by AWS?
Question 3: Which of the following is one of the six advantages of cloud computing cited by AWS?
- A) Increased capital expenditure for hardware procurement
- B) Trade variable expense for capital expense
- C) Stop guessing about infrastructure capacity needs
- D) Reduce the need for software patching entirely
Question 4: Which AWS Well-Architected Framework pillar focuses on the ability of a system to recover from failures and meet business and customer demands?
Question 4: Which AWS Well-Architected Framework pillar focuses on the ability of a system to recover from failures and meet business and customer demands?
- A) Performance Efficiency
- B) Security
- C) Reliability
- D) Operational Excellence
Question 5: Which cloud service model provides the highest level of abstraction, where the vendor manages everything from infrastructure to the application itself?
Question 5: Which cloud service model provides the highest level of abstraction, where the vendor manages everything from infrastructure to the application itself?
- A) IaaS (Infrastructure as a Service)
- B) PaaS (Platform as a Service)
- C) SaaS (Software as a Service)
- D) FaaS (Function as a Service)
Domain 2: Security & Compliance (6 Questions)
Question 6: Under the AWS Shared Responsibility Model, who is responsible for patching the operating system on an Amazon EC2 instance?
Question 6: Under the AWS Shared Responsibility Model, who is responsible for patching the operating system on an Amazon EC2 instance?
Question 7: What is the AWS best practice regarding the root account of an AWS account?
Question 7: What is the AWS best practice regarding the root account of an AWS account?
- A) Use the root account for all daily administrative tasks for simplicity
- B) Share the root account credentials with the entire IT team
- C) Enable MFA on the root account and avoid using it for everyday tasks
- D) Delete the root account after creating an IAM admin user
Question 8: A developer needs to allow an application to make API calls to AWS services. Which IAM entity should be used instead of embedding long-term access keys in the code?
Question 8: A developer needs to allow an application to make API calls to AWS services. Which IAM entity should be used instead of embedding long-term access keys in the code?
- A) IAM Group
- B) IAM Policy
- C) IAM Role
- D) IAM User with programmatic access
Question 9: Which AWS service continuously monitors your AWS account for unusual or malicious activity, such as unauthorized API calls or compromised EC2 instances?
Question 9: Which AWS service continuously monitors your AWS account for unusual or malicious activity, such as unauthorized API calls or compromised EC2 instances?
Question 10: Which AWS service records API activity across your AWS account, providing a history of who called which API, from where, and when?
Question 10: Which AWS service records API activity across your AWS account, providing a history of who called which API, from where, and when?
- A) Amazon CloudWatch
- B) AWS CloudTrail
- C) AWS Config
- D) Amazon GuardDuty
Question 11: In the context of Amazon VPC security, what is the key difference between a Security Group and a Network Access Control List (NACL)?
Question 11: In the context of Amazon VPC security, what is the key difference between a Security Group and a Network Access Control List (NACL)?
- A) Security Groups apply to subnets; NACLs apply to individual EC2 instances
- B) Security Groups are stateful; NACLs are stateless
- C) NACLs are stateful; Security Groups are stateless
- D) Security Groups support both allow and deny rules; NACLs only support allow rules
Domain 3: Technology & Services (7 Questions)
Question 12: A company has an application with highly unpredictable traffic spikes. Which EC2 pricing model is most appropriate for this use case?
Question 12: A company has an application with highly unpredictable traffic spikes. Which EC2 pricing model is most appropriate for this use case?
- A) Reserved Instances (1-year term)
- B) Dedicated Hosts
- C) On-Demand Instances
- D) Spot Instances
Question 13: A company stores thousands of images that are accessed frequently for the first 30 days but rarely after that. Which combination of S3 storage classes is the most cost-effective?
Question 13: A company stores thousands of images that are accessed frequently for the first 30 days but rarely after that. Which combination of S3 storage classes is the most cost-effective?
- A) S3 Standard for all objects
- B) S3 Standard initially, then S3 Standard-IA after 30 days using a lifecycle policy
- C) S3 Intelligent-Tiering for all objects
- D) S3 Glacier Instant Retrieval for all objects
Question 14: Which AWS service allows you to run code in response to events without provisioning or managing any servers?
Question 14: Which AWS service allows you to run code in response to events without provisioning or managing any servers?
- A) Amazon EC2 Auto Scaling
- B) AWS Elastic Beanstalk
- C) AWS Lambda
- D) Amazon ECS
Question 15: A company needs a relational database with automatic failover, read replicas, and support for MySQL compatibility. Which AWS service best fits this requirement?
Question 15: A company needs a relational database with automatic failover, read replicas, and support for MySQL compatibility. Which AWS service best fits this requirement?
- A) Amazon DynamoDB
- B) Amazon Redshift
- C) Amazon RDS for MySQL
- D) Amazon ElastiCache
Question 16: Which AWS service is a global content delivery network (CDN) that caches content at edge locations to reduce latency for end users worldwide?
Question 16: Which AWS service is a global content delivery network (CDN) that caches content at edge locations to reduce latency for end users worldwide?
- A) AWS Global Accelerator
- B) Amazon CloudFront
- C) Amazon Route 53
- D) AWS Direct Connect
Question 17: What is the primary purpose of Amazon Route 53?
Question 17: What is the primary purpose of Amazon Route 53?
- A) To provide a virtual private network connection to AWS
- B) To distribute incoming application traffic across multiple EC2 instances
- C) To register domain names and route end users to internet applications using DNS
- D) To monitor the health and performance of AWS resources
Question 18: Which AWS service provides an automated tool that checks your AWS environment against best practices across five categories: Cost Optimization, Performance, Security, Fault Tolerance, and Service Limits?
Question 18: Which AWS service provides an automated tool that checks your AWS environment against best practices across five categories: Cost Optimization, Performance, Security, Fault Tolerance, and Service Limits?
- A) AWS Config
- B) AWS CloudFormation
- C) AWS Trusted Advisor
- D) Amazon Inspector
Domain 4: Billing & Support (2 Questions)
Question 19: Which AWS Support plan is the minimum tier that includes 24/7 access to Cloud Support Engineers via phone, chat, and email?
Question 19: Which AWS Support plan is the minimum tier that includes 24/7 access to Cloud Support Engineers via phone, chat, and email?
- A) AWS Basic Support
- B) AWS Developer Support
- C) AWS Business Support
- D) AWS Enterprise Support
Question 20: A company has multiple AWS accounts for different departments. Which AWS feature allows them to combine all accounts under a single payer account and receive a single monthly bill?
Question 20: A company has multiple AWS accounts for different departments. Which AWS feature allows them to combine all accounts under a single payer account and receive a single monthly bill?
- A) AWS Cost Explorer
- B) AWS Budgets
- C) Consolidated Billing via AWS Organizations
- D) AWS Pricing Calculator
