Free AWS Cloud Practitioner (CLF-C02) Practice Questions

Original practice questions with a full explanation for every answer β€” see why the right choice is right and why each wrong one is wrong.

Entry-levelPracticeCLF-C02
⏱️ 12 questions

Click an answer to reveal the reasoning. These are original questions written to test the same concepts as the exam β€” not copied exam items β€” so you learn the <em>why</em>.

In short: These are free, original AWS Cloud Practitioner (CLF-C02) practice questions covering all four exam domains. Each question includes a full explanation of the correct answer and why the other options are wrong. No signup is required.

AWS Cloud Practitioner practice set

Twelve original questions across the four domains. Tap an option to check it, or use β€œShow all answers” to review the reasoning.

Domain 1 Β· Cloud Concepts
1. A company replaces its upfront datacenter hardware purchases with paying only for the AWS resources it uses each month. Which cloud benefit does this describe?
Correct answer: Trading capital expense (CapEx) for variable expense (OpEx). Paying only for what you use, with no upfront hardware, trades a capital expense for a variable operating expense β€” a core AWS value proposition. It does not increase latency or reduce elasticity, and it isn't lock-in.
Domain 1 Β· Cloud Concepts
2. An application automatically scales out to handle a traffic spike and scales back in afterward. Which AWS Cloud benefit does this BEST illustrate?
Correct answer: Elasticity. Automatically matching capacity to demand is elasticity. Compliance and data residency are governance concerns, and 'fixed capacity' is the opposite of what the cloud provides.
Domain 1 Β· Cloud Concepts
3. Which AWS resource provides architectural best practices organised into pillars such as Security, Reliability, and Cost Optimization?
Correct answer: The AWS Well-Architected Framework. The Well-Architected Framework defines best practices across six pillars (Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, Sustainability). The Pricing Calculator estimates cost, CloudFront is a CDN, and IAM manages access.
Domain 2 Β· Security and Compliance
4. Under the AWS shared responsibility model, which task is the CUSTOMER's responsibility?
Correct answer: Managing IAM users and their permissions. Customers are responsible for security IN the cloud β€” including IAM users, permissions, and their own data. AWS handles security OF the cloud: physical datacenters, hardware, and the global infrastructure.
Domain 2 Β· Security and Compliance
5. A security team wants to grant each user only the permissions required for their job. Which AWS service and principle apply?
Correct answer: IAM, applying least privilege. IAM manages users, roles, and permissions, and granting only what's needed is the principle of least privilege. S3 encryption protects data at rest, EC2 auto scaling is about capacity, and Shield defends against DDoS β€” none is about per-user permissions.
Domain 2 Β· Security and Compliance
6. Which AWS service records API calls and account activity so you can audit who did what, and when?
Correct answer: AWS CloudTrail. CloudTrail logs API activity across your account for audit and governance. CloudFront is a CDN, EC2 is compute, and Budgets is a cost tool β€” none records account activity for auditing. (Note: CloudWatch is for metrics/logs/alarms; CloudTrail is specifically the audit trail.)
Domain 3 Β· Cloud Technology and Services
7. A developer wants to run code in response to events without provisioning or managing any servers, paying only when the code runs. Which service fits BEST?
Correct answer: AWS Lambda. AWS Lambda is serverless compute β€” event-driven, no servers to manage, and you pay per execution. EC2 requires managing servers, S3 is object storage, and VPC is networking.
Domain 3 Β· Cloud Technology and Services
8. Which AWS service provides virtually unlimited object storage for files, backups, and data lakes?
Correct answer: Amazon S3. Amazon S3 is object storage with virtually unlimited capacity. EBS provides block storage (virtual disks) for EC2, RDS is a relational database, and IAM manages access β€” none is object storage.
Domain 3 Β· Cloud Technology and Services
9. A company needs its own logically isolated private network within AWS to launch resources into. Which service provides this?
Correct answer: Amazon VPC. Amazon VPC (Virtual Private Cloud) is your isolated private network inside AWS. Route 53 is DNS, CloudFront is a CDN, and Lambda is serverless compute β€” none provides network isolation.
Domain 3 Β· Cloud Technology and Services
10. To achieve high availability, an architect deploys an application across multiple what, within a single AWS Region?
Correct answer: Availability Zones. Deploying across multiple Availability Zones (physically separate datacenters in a Region) provides high availability if one zone fails. Edge locations serve cached content, IAM roles grant permissions, and S3 buckets store objects β€” none provides multi-datacenter resilience.
Domain 4 Β· Billing, Pricing, and Support
11. Which AWS tool lets you visualise and analyse your ACTUAL AWS spending over time?
Correct answer: AWS Cost Explorer. AWS Cost Explorer visualises and analyses your actual spending over time. The Pricing Calculator estimates costs before deployment, Trusted Advisor gives best-practice recommendations, and CloudWatch monitors resource health.
Domain 4 Β· Billing, Pricing, and Support
12. Which AWS service inspects your account and provides recommendations across cost optimization, security, fault tolerance, and performance?
Correct answer: AWS Trusted Advisor. AWS Trusted Advisor inspects your environment and recommends improvements across cost, security, fault tolerance, performance, and service limits. CloudTrail audits API activity, S3 stores objects, and Budgets sets spending alerts β€” none provides these broad recommendations.
πŸ”‘ How to read your score

Your result here reflects how you did on these practice questions β€” it is not a prediction of your real exam score. Use it to spot which domains to review next.

Frequently asked questions

Are these real AWS Cloud Practitioner exam questions?

No. Every question here is original, written to test the same concepts as the exam. Reproducing real exam items would breach the AWS Certification agreement and copyright, and it wouldn't help you understand the material.

Do I need to sign up to see the answers?

No. The answer and full explanation for every question are free and shown on this page.

Independent study resource. Not affiliated with, authorized, endorsed by, or sponsored by CompTIA, Amazon Web Services, Microsoft, or ISC2. All trademarks are the property of their respective owners and are used here for identification only. All practice questions are original.