CLF-C02 Domain 2: Security and Compliance

AWS Config is used to:

Multiple choice — select one answer

Answer choices

  1. a. Rotate, manage, and retrieve secrets, using password reset alone and deferring session revocation until the next business day
  2. b. AWS compliance programs and attestations, without preserving cloud audit logs or hunting mailbox rules and delegate permissions, without security or identity team coordination per policy.
  3. c. Assess, audit, and evaluate configurations of AWS resources
  4. d. Creating and managing encryption keys, while leaving refresh tokens and OAuth consent grants active pending user callback, without security or identity team coordination per policy.

Architectural breakdown & explanation

AWS Config tracks resource configuration changes over time.

Correct answer(s): c. Assess, audit, and evaluate configurations of AWS resources

Exam domain: Domain 2: Security and Compliance (30% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Cloud Practitioner bank. Run a full timed practice exam with domain-weighted random questions in your browser.