CLF-C02 Domain 2: Security and Compliance

Amazon Cognito provides:

Multiple choice — select one answer

Answer choices

  1. a. Rely on User sign-up, sign-in, and access control for web and mobile apps alone while omitting the cross-service integration the workload needs, without security or identity team coordination per policy.
  2. b. User sign-up, sign-in, and access control for web and mobile apps
  3. c. Use User sign-up, sign-in, and access control for web and mobile apps for a related capability, but without meeting the requirement described in the scenario
  4. d. Grant only permissions required to perform a task

Architectural breakdown & explanation

Cognito handles user directories, federation, and OAuth/OIDC flows for apps.

Correct answer(s): b. User sign-up, sign-in, and access control for web and mobile apps

Exam domain: Domain 2: Security and Compliance (30% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Cloud Practitioner bank. Run a full timed practice exam with domain-weighted random questions in your browser.