Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← CLF-C02 Practice Test Hub

CLF-C02 › Security and Compliance

Security and Compliance Practice Questions

Security and Compliance is the domain of the AWS Certified Cloud Practitioner (CLF-C02) exam that focuses on how AWS helps you protect your data, systems, and applications in the cloud. Think of it as the set of tools, best practices, and shared responsibilities that ensure your cloud environment is secure and meets legal or industry standards. In plain English, this domain covers everything from who is responsible for what (you vs. AWS) to how you encrypt data, manage access, monitor for threats, and comply with regulations like GDPR or HIPAA. Why is this important in real-world IT? Because security is the number one concern for organizations moving to the cloud. A single misconfiguration—like leaving an S3 bucket public—can expose millions of customer records. Compliance failures can lead to massive fines and loss of trust. Understanding AWS security services (like IAM, KMS, Shield, and Inspector) and the Shared Responsibility Model is essential for anyone working with AWS, whether you're a developer, sysadmin, or manager. You need to know how to design secure architectures and respond to incidents. On the exam, this domain tests your knowledge of core security concepts and AWS services. You'll be asked about the Shared Responsibility Model: which parts AWS secures (the cloud infrastructure) and which parts you secure (your data, OS, network configurations). You'll need to know IAM for managing users, groups, roles, and policies; encryption options like SSE-S3, SSE-KMS, and client-side encryption; and compliance programs like SOC, PCI DSS, and FedRAMP. Expect questions on DDoS protection (AWS Shield), web application firewalls (WAF), and monitoring tools like CloudTrail, Config, and GuardDuty. The exam also covers security best practices like least privilege, multi-factor authentication (MFA), and the principle of defense in depth. To study this domain effectively, start by mastering the Shared Responsibility Model—it's the foundation. Then, get hands-on with IAM: create users, groups, and policies, and understand how roles work. Use the AWS Free Tier to explore S3 bucket policies, enable CloudTrail, and set up a basic CloudWatch alarm. Read the AWS Security Best Practices whitepaper and review the compliance programs on the AWS website. Practice with sample questions that test your ability to identify which service or practice applies to a given scenario. Focus on understanding the purpose of each security service rather than memorizing details. Finally, remember that the exam emphasizes concepts over deep technical implementation—know what each service does and when to use it.

230
Questions
14
Set types
15
Numbered sets

Practice by question count

10

questions

15

questions

20

questions

30

questions

40

questions

50

questions

100

questions

10

questions — timed

15

questions — timed

20

questions — timed

30

questions — timed

40

questions — timed

50

questions — timed

100

questions — timed

Numbered sets — 15 questions each

Set 1Set 2Set 3Set 4Set 5Set 6Set 7Set 8Set 9Set 10Set 11Set 12Set 13Set 14Set 15

Complete question bank

CLF-C02 Security and Compliance — All 230 Questions

Every question in this domain with answers and detailed explanations.

→

Other CLF-C02 domains

Cloud Concepts

Cloud Technology and Services

Billing, Pricing, and Support