Courseiva

CLF-C02 · topic practice

Cloud Concepts practice questions

Use this page to practise CLF-C02 Cloud Concepts practice questions. The goal is not to memorise dumps, but to understand the concept, review the explanation and improve your exam readiness.

20 questionsDomain: Cloud Concepts
Practice 10 questionsBrowse domain →

What the exam tests

What to know about Cloud Concepts

Cloud concepts questions usually test the service model (IaaS/PaaS/SaaS) and deployment model (public/private/hybrid/community) appropriate for a given scenario.

IaaS, PaaS and SaaS responsibilities and examples.

Public, private, hybrid and community cloud deployment models.

On-premises vs cloud trade-offs: cost, control, scalability.

How cloud connectivity options (VPN, Direct Connect, ExpressRoute) work.

Practice set

Cloud Concepts questions

20 questions · select your answer, then reveal the explanation

Question 1easymultiple choice
Full question →

A developer needs to launch a test server for a new application prototype. The developer logs into the AWS Management Console, selects an Amazon EC2 instance type, configures the security group, and starts the instance. The instance is running within two minutes, and the developer did not need to submit a formal request to the company's IT procurement team or wait for approval from a cloud administrator. Which essential characteristic of cloud computing does this scenario best demonstrate?

Full question →
Question 2mediummultiple choice
Full question →

A company's development team frequently needs temporary test environments. A developer can log into the AWS Management Console, select an Amazon EC2 instance type, configure storage, and launch the instance within minutes without any interaction with the IT infrastructure team. This capability is an example of which essential characteristic of cloud computing?

Full question →
Question 3easymultiple choice
Full question →

A company currently runs its infrastructure in a colocation data center. The CIO wants to estimate the total cost of ownership (TCO) of migrating the existing workload to AWS, compared to continuing with the on-premises solution. The company has detailed data on current server specifications, power, cooling, and labor costs. Which AWS tool should the company use to perform this analysis?

Full question →
Question 4mediummultiple choice
Full question →

A company has a compliance policy requiring that all data at rest in Amazon S3 be encrypted with a key that is automatically rotated every year. The company wants to manage the encryption keys themselves, maintain control over access policies, and have AWS handle the key rotation automatically. Which AWS service should the company use?

Full question →
Question 5mediummultiple choice
Full question →

A company has 50 TB of on-premises file server data that must be transferred to Amazon S3. The company's internet connection is limited to 100 Mbps, and the data transfer must not impact daily business operations. The company needs a physical device to securely copy the data and then ship it to AWS for ingestion. Which AWS service should the company use?

Full question →
Question 6mediummultiple choice
Full question →

A company has 200 IAM users. The security team needs to automatically verify that every IAM user has enabled multi-factor authentication (MFA) for console access. They also need to receive a notification whenever a new user is created without MFA so they can enforce the policy. Which AWS service should the security team use to meet these requirements?

Full question →
Question 7mediummultiple choice
Full question →

A company develops a mobile application that allows employees to upload sales reports to an Amazon S3 bucket. The application must work reliably from any location, including from corporate offices, remote home offices, and international travel locations. The solution uses standard HTTPS requests over the internet. Which essential characteristic of cloud computing does this scenario best illustrate?

Full question →
Question 8mediummultiple choice
Full question →

A company has 50 IAM users in a single AWS account. The security policy requires that every IAM user must have a virtual MFA device enabled for AWS Management Console access. The company wants to automatically detect any user who disables or has an inactive MFA device and immediately revoke that user's ability to access AWS resources by disabling their access keys. The solution must be fully managed, require no custom scripts, and use native AWS services. Which AWS service should the company use to define the compliance rule and automatically trigger the remediation action?

Full question →
Question 9mediummultiple choice
Full question →

A company has a global user base that uploads images to an Amazon S3 bucket in the us-east-1 Region. Users report slow upload speeds and frequent timeouts when uploading large files from distant locations. The company wants to use the AWS global network and edge locations to accelerate uploads to the S3 bucket. The solution must require minimal infrastructure changes on the client side and must be configured at the bucket level. Which AWS feature should the company enable?

Full question →
Question 10mediummultiple choice
Full question →

A cloud provider uses shared physical infrastructure to serve many customers. Each customer's compute and storage resources are logically isolated and secure, but the underlying hardware is pooled across all customers. Which essential characteristic of cloud computing does this scenario BEST describe?

Full question →
Question 11easymultiple choice
Full question →

A company has a strict data residency policy that requires all customer data to remain stored on-premises at all times. However, the company experiences unpredictable spikes in compute demand and wants to use an AWS cloud environment to handle this additional workload during peak periods. The company needs a solution that allows them to seamlessly run applications across their on-premises infrastructure and AWS, using consistent management tools and APIs. The company also needs a dedicated, private network connection between the two environments for low latency and security. Which cloud deployment model best describes this architecture?

Full question →
Question 12mediummultiple choice
Full question →

A company has an on-premises file server that stores large datasets. The company wants to reduce its on-premises storage footprint by moving cold data to AWS. However, users need low-latency access to frequently used files, and the applications must be able to access the data using the standard SMB protocol. The company wants to cache frequently accessed data locally on-premises for low latency, while securely storing all data in Amazon S3. Which AWS service should the company use?

Full question →
Question 13mediummultiple choice
Full question →

A company has employees in field offices who need to manage AWS resources (e.g., launch EC2 instances, upload files to S3) using a web browser on their company-issued laptops. The laptops connect to the internet via public Wi-Fi or cellular hotspots. The employees do not have any VPN or direct corporate network connection. They can successfully access the AWS Management Console and perform all actions over standard HTTPS ports. Which essential characteristic of cloud computing does this scenario primarily demonstrate?

Full question →
Question 14mediummultiple choice
Full question →

A company has a security policy that requires all Amazon EBS volumes attached to production Amazon EC2 instances to be encrypted at rest using customer-managed encryption keys. The policy also mandates that the encryption keys must be automatically rotated every 365 days. The company wants to minimize operational overhead by using a managed AWS service for key management and automatic rotation. Which AWS service should the company use to meet these requirements?

Full question →
Question 15mediummultiple choice
Full question →

A company has deployed multiple EC2 instances with different security groups. The compliance team wants to ensure that no security group allows unrestricted SSH access (0.0.0.0/0) and receive alerts if any such rule is created. Which AWS service can they use to continuously monitor and evaluate the security group configurations against this policy?

Full question →
Question 16mediummultiple choice
Full question →

A company hosts an e-commerce website on Amazon EC2 instances in the us-east-1 Region. The website serves static assets (images, CSS, and JavaScript) to a global user base. Users in Europe and Asia report slow page load times. The company needs to improve the performance of delivering these static assets to all users without modifying the application code or provisioning additional origin servers. Which AWS service should the company use?

Full question →
Question 17mediummultiple choice
Full question →

A company has a web application deployed on AWS in the us-west-2 Region. The application is accessed by users across the globe, including Europe, Asia, and South America. The company wants to improve the application's performance for international users by reducing latency and packet loss. The solution must route user traffic over the AWS global network to the closest edge location. Which AWS service should the company use?

Full question →
Question 18easymultiple choice
Full question →

A company has migrated its customer-facing web application to AWS. The application is deployed on Amazon EC2 instances behind an Application Load Balancer. The company's customers access the application from various devices—desktop computers, laptops, tablets, and smartphones—using standard web browsers without any additional configuration or proprietary software. The ability for customers to reach the application over the internet from any device with a standard browser best demonstrates which essential characteristic of cloud computing?

Full question →
Question 19mediummultiple choice
Full question →

A company hosts a web application on Amazon EC2 instances behind an Application Load Balancer (ALB). The security team wants to protect the application from common web exploits, including SQL injection and cross-site scripting (XSS). The solution must integrate directly with the ALB and allow custom rules to be defined. Which AWS service should the company use?

Full question →
Question 20mediummultiple choice
Full question →

A company hosts a file-sharing platform on Amazon S3. The application bucket is in the us-west-2 (Oregon) Region. Users in Europe and Asia experience slow upload speeds when transferring large files. The company wants to improve upload performance by using AWS edge locations to accelerate data transfers to the bucket. The solution must work with standard S3 PUT operations and require minimal application changes. Which AWS feature should the company enable?

Full question →
Continue with 20-question session →

Watch out for

Common Cloud Concepts exam traps

  • IaaS gives you infrastructure control; SaaS gives you only the application.
  • Hybrid cloud combines on-premises and public cloud — not two public clouds.
  • Cloud does not automatically mean cheaper or more secure.
  • Management responsibility shifts with each service model (IaaS → PaaS → SaaS).

Free account

Track your progress over time

Create a free account to save your results and see which topics improve across sessions.

Sign up freeLog in

Focused Cloud Concepts sessions

Start a Cloud Concepts only practice session

Every question in these sessions is drawn from the Cloud Concepts domain — nothing else.

10 questions20 questions30 questions50 questions
Browse all Cloud Concepts questions →Mixed CLF-C02 session

Related practice questions

Related CLF-C02 topic practice pages

Move into related areas when this topic feels solid.

AWS shared responsibility model practice questions

Practise CLF-C02 questions linked to AWS shared responsibility model.

AWS Cloud Practitioner cloud concepts practice questions

Practise CLF-C02 questions linked to AWS Cloud Practitioner cloud concepts.

AWS IAM practice questions

Practise CLF-C02 questions linked to AWS IAM.

AWS pricing practice questions

Practise CLF-C02 questions linked to AWS pricing.

AWS support plans practice questions

Practise CLF-C02 questions linked to AWS support plans.

AWS S3 practice questions

Practise CLF-C02 questions linked to AWS S3.

AWS EC2 practice questions

Practise CLF-C02 questions linked to AWS EC2.

Frequently asked questions

What does the CLF-C02 exam test about Cloud Concepts?
Cloud concepts questions usually test the service model (IaaS/PaaS/SaaS) and deployment model (public/private/hybrid/community) appropriate for a given scenario.
How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
Can I practise just Cloud Concepts questions in a focused session?
Yes — the session launcher on this page draws every question from the Cloud Concepts domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
Where can I practise other CLF-C02 topics?
Use the topic links above to move to related areas, or go back to the CLF-C02 question bank to see all topics.
Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the CLF-C02 exam covers. They are not copied from any real exam or dump site.