Question 1easymultiple choice
Full question →CLF-C02 · topic practice
Ec2 practice questions
Use this page to practise CLF-C02 Ec2 practice questions. The goal is not to memorise dumps, but to understand the concept, review the explanation and improve your exam readiness.
What the exam tests
What to know about Ec2
Ec2 questions test whether you can apply the concept in context, not just recognise a definition.
How the topic appears in realistic exam-style scenarios.
Which detail in the question changes the correct answer.
How to eliminate plausible but wrong options.
How to connect the question back to the wider exam objective.
Practice set
Ec2 questions
20 questions · select your answer, then reveal the explanation
Question 2mediummultiple choice
Full question →A solutions architect is planning a new web application on AWS. The workload will include 3 Amazon EC2 instances (t3.medium) running 24/7, an Application Load Balancer, and an Amazon RDS for MySQL db.t3.small database. The architect needs to estimate the monthly cost for the first year, considering different purchasing options (On-Demand, 1-year All Upfront Reserved Instance, and Compute Savings Plan). Which AWS tool should the architect use to create this estimate?
Question 3mediummultiple choice
Full question →A company's development team frequently needs temporary test environments. A developer can log into the AWS Management Console, select an Amazon EC2 instance type, configure storage, and launch the instance within minutes without any interaction with the IT infrastructure team. This capability is an example of which essential characteristic of cloud computing?
Question 4mediummultiple choice
Full question →A company's finance team needs to analyze AWS spending in detail. They require a report that includes hourly cost data for each AWS service, each individual resource (e.g., a specific EC2 instance), and any cost allocation tags applied. The team plans to export this data to an Amazon S3 bucket and then import it into a custom business intelligence (BI) analytics dashboard. Which AWS tool should the finance team use to generate this level of detailed cost data?
Question 5mediummultiple choice
Full question →A company has a compliance policy requiring that all Amazon EC2 instances in its production environment must have the tag "Environment=Production" and must be associated with a security group named "Prod-SG". The company wants to continuously monitor its AWS account and automatically detect any EC2 instances that do not meet these requirements. The IT team needs a service that can evaluate the configuration of resources against these rules and send notifications when a non-compliant resource is detected. Which AWS service should the company use?
Question 6mediummultiple choice
Full question →A company has a two-tier web application. The front-end web servers run on Amazon EC2 instances in a public subnet. The back-end application servers process jobs that are submitted by the front end. The company wants to decouple the front-end and back-end tiers so that the back-end servers can process jobs as they are submitted, even if the front-end servers experience a spike in traffic. The solution must be durable and fully managed, and must allow the front-end servers to send job requests without waiting for the back-end servers to be available. Which AWS service should the company use to send the job requests from the front end to the back end?
Question 7mediummultiple choice
Full question →A company expects a steady baseline usage of AWS compute services (Amazon EC2, AWS Lambda, and AWS Fargate) over the next three years. They want to reduce costs compared to On-Demand pricing while maintaining the flexibility to change instance families, regions, or even switch between compute services (e.g., from EC2 to Lambda) without losing their discount. Which AWS pricing option should the company choose?
Question 8mediummultiple choice
Full question →A company has a web application that processes customer orders. The frontend web servers run on Amazon EC2 instances and receive order requests from users. The backend order processing system runs on a separate fleet of EC2 instances. The company wants to decouple these two tiers so that order requests are stored reliably until the backend is ready to process them. The solution must handle occasional traffic spikes without losing any messages and must allow the backend to scale independently. Which AWS service should the company use to meet these requirements?
Question 9mediummultiple choice
Full question →A company has a development environment running on Amazon EC2 instances. To control costs, the team wants to set a monthly budget of $5,000 for this environment. If the forecasted cost for the month exceeds $6,000 (20% over budget), they want AWS to automatically stop all non-critical EC2 instances to prevent further spending. Which AWS feature should the team use to implement this automated cost control?
Question 10mediummultiple choice
Full question →A company has employees in field offices who need to manage AWS resources (e.g., launch EC2 instances, upload files to S3) using a web browser on their company-issued laptops. The laptops connect to the internet via public Wi-Fi or cellular hotspots. The employees do not have any VPN or direct corporate network connection. They can successfully access the AWS Management Console and perform all actions over standard HTTPS ports. Which essential characteristic of cloud computing does this scenario primarily demonstrate?
Question 11mediummultiple choice
Full question →A company hosts a multi-tier web application on AWS. The web tier runs on Amazon EC2 instances in a public subnet, and the database tier runs on Amazon EC2 instances in a private subnet. The security team needs to configure security groups to allow only the web tier instances to communicate with the database tier on port 3306 (MySQL). The web tier must be accessible from the internet on port 443. Which security group configuration meets these requirements?
Question 12mediummultiple choice
Full question →A company has a security policy that requires all SSH connections to Amazon EC2 instances to originate from the company's corporate network IP range (203.0.113.0/24). An administrator is creating an IAM policy to enforce this restriction. Which IAM policy element should the administrator use to specify the allowed IP address range?
Question 13mediummultiple choice
Full question →A company has been using Amazon EC2 instances for a production application for the past 12 months. The finance team wants to understand historical spending patterns and identify opportunities to reduce costs. Specifically, they need to see which EC2 instance families and sizes are being underutilized and get recommendations for purchasing Reserved Instances to save money compared to current On-Demand pricing. The team wants to use a native AWS tool that provides a visual dashboard of costs, usage trends, and actionable recommendations. Which AWS tool should the finance team use?
Question 14mediummultiple choice
Full question →A company has a security policy that requires all Amazon EBS volumes attached to production Amazon EC2 instances to be encrypted at rest using customer-managed encryption keys. The policy also mandates that the encryption keys must be automatically rotated every 365 days. The company wants to minimize operational overhead by using a managed AWS service for key management and automatic rotation. Which AWS service should the company use to meet these requirements?
Question 15mediummultiple choice
Full question →A company has deployed multiple EC2 instances with different security groups. The compliance team wants to ensure that no security group allows unrestricted SSH access (0.0.0.0/0) and receive alerts if any such rule is created. Which AWS service can they use to continuously monitor and evaluate the security group configurations against this policy?
Question 16mediummultiple choice
Full question →A company has internal security policies that require all Amazon S3 buckets to be private (not publicly accessible) and all Amazon EC2 security groups to restrict inbound SSH traffic to a specific IP range. The security team needs to continuously monitor all AWS resources across their account to detect any resource that violates these policies. They also need a historical record of configuration changes and a compliance dashboard that shows overall pass/fail status. Which AWS service should the security team use to meet these requirements?
Question 17mediummultiple choice
Full question →A company hosts an e-commerce website on Amazon EC2 instances in the us-east-1 Region. The website serves static assets (images, CSS, and JavaScript) to a global user base. Users in Europe and Asia report slow page load times. The company needs to improve the performance of delivering these static assets to all users without modifying the application code or provisioning additional origin servers. Which AWS service should the company use?
Question 18easymultiple choice
Full question →A company has migrated its customer-facing web application to AWS. The application is deployed on Amazon EC2 instances behind an Application Load Balancer. The company's customers access the application from various devices—desktop computers, laptops, tablets, and smartphones—using standard web browsers without any additional configuration or proprietary software. The ability for customers to reach the application over the internet from any device with a standard browser best demonstrates which essential characteristic of cloud computing?
Question 19mediummultiple choice
Full question →A company has migrated to AWS and uses multiple accounts under AWS Organizations with consolidated billing. The finance team needs a monthly cost breakdown by business unit. Each business unit's AWS resources are tagged with a 'BusinessUnit' tag (e.g., 'Marketing', 'Engineering'). However, some resources are not tagged. The team wants to see both the cost per business unit (based on tagged resources) and the total cost of untagged resources, all in one view. They also need the ability to filter by AWS service (e.g., EC2, S3) for each business unit. Which AWS tool or feature should the finance team use to meet these requirements?
Question 20mediummultiple choice
Full question →A company has an AWS Basic Support plan. The operations team wants to use AWS Trusted Advisor to receive recommendations for cost optimization, such as identifying idle load balancers and underutilized Amazon EC2 instances. They log into the AWS Management Console and navigate to Trusted Advisor, but they only see a limited set of checks, such as S3 bucket permissions and service limits. Which action should the team take to access the complete library of Trusted Advisor checks, including the cost optimization recommendations?
Watch out for
Common Ec2 exam traps
- ▸Answering from memory before reading the full scenario.
- ▸Missing a constraint such as cost, availability, security, scope or command context.
- ▸Choosing a broad answer when the question asks for the most specific fix.
- ▸Ignoring why the wrong options are tempting.
Free account
Track your progress over time
Create a free account to save your results and see which topics improve across sessions.
Focused Ec2 sessions
Start a Ec2 only practice session
Every question in these sessions is drawn from the Ec2 domain — nothing else.
Related practice questions
Related CLF-C02 topic practice pages
Move into related areas when this topic feels solid.
AWS shared responsibility model practice questions
Practise CLF-C02 questions linked to AWS shared responsibility model.
AWS Cloud Practitioner cloud concepts practice questions
Practise CLF-C02 questions linked to AWS Cloud Practitioner cloud concepts.
AWS IAM practice questions
Practise CLF-C02 questions linked to AWS IAM.
AWS pricing practice questions
Practise CLF-C02 questions linked to AWS pricing.
AWS support plans practice questions
Practise CLF-C02 questions linked to AWS support plans.
AWS S3 practice questions
Practise CLF-C02 questions linked to AWS S3.
AWS EC2 practice questions
Practise CLF-C02 questions linked to AWS EC2.
Frequently asked questions
- What does the CLF-C02 exam test about Ec2?
- Ec2 questions test whether you can apply the concept in context, not just recognise a definition.
- How should I use these practice questions?
- Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
- Can I practise just Ec2 questions in a focused session?
- Yes — the session launcher on this page draws every question from the Ec2 domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
- Where can I practise other CLF-C02 topics?
- Use the topic links above to move to related areas, or go back to the CLF-C02 question bank to see all topics.
- Are these real exam questions or dumps?
- These are original practice questions written to test the same concepts the CLF-C02 exam covers. They are not copied from any real exam or dump site.
Track your progress
A free account saves results across sessions and highlights which topics need work.
Sign up freeExam traps to avoid
- ▸Answering from memory before reading the full scenario.
- ▸Missing a constraint such as cost, availability, security, scope or command context.
- ▸Choosing a broad answer when the question asks for the most specific fix.
- ▸Ignoring why the wrong options are tempting.