CLF-C02
Domain 2: Security and Compliance
AWS Config is used to:
Multiple choice — select one answer
Answer choices
- a. Rotate, manage, and retrieve secrets, using password reset alone and deferring session revocation until the next business day
- b. AWS compliance programs and attestations, without preserving cloud audit logs or hunting mailbox rules and delegate permissions, without security or identity team coordination per policy.
- c. Assess, audit, and evaluate configurations of AWS resources
- d. Creating and managing encryption keys, while leaving refresh tokens and OAuth consent grants active pending user callback, without security or identity team coordination per policy.
Architectural breakdown & explanation
AWS Config tracks resource configuration changes over time.
Correct answer(s): c. Assess, audit, and evaluate configurations of AWS resources
Exam domain: Domain 2: Security and Compliance (30% weight on the official guide).
Official documentation & study links
Practice this certification
This page is one question from the AWS Certified Cloud Practitioner
bank. Run a full timed practice exam with domain-weighted random questions in your browser.