
Note: The ANS-C00 exam is now retired. Please select the alternative replacement for your exam certification. The new exam code is ANS-C01.

ANS-C00 Exam Dumps - AWS Certified Advanced Networking-Specialty

Question # 17

An architecture is being designed to support an Amazon WorkSpaces deployment of 1,000 desktops.

Which architecture will support this deployment while allowing for future expansion?

A. A VPC with a /16 CIDR and one /21 subnet

B. A VPC with a /20 CIDR and two /21 subnets

C. A VPC with a /16 CIDR and one /22 subnet

D. A VPC with a /20 CIDR and two /23 subnets

Question # 18

Your organization leverages an IP Address Management (IPAM) product to manage IP address distribution. The IPAM exposes an API. Development teams use CloudFormation to provision approved reference architectures. At deployment time, IP addresses must be allocated to the VPC. When the VPC is deleted, the IPAM must reclaim the VPC’s IP allocation.

Which method allows for efficient, automated integration of the IPAM with CloudFormation?

A. AWS CloudFormation parameters using the “Ref::” intrinsic function

B. AWS CloudFormation custom resource using an AWS Lambda invocation.

C. CloudFormation::OpsWorks::Stack with custom Chef configuration.

D. AWS CloudFormation parameters using the “Fn::FindInMap” intrinsic function.

Question # 19

Your organization requires strict adherence to a change control process for its Amazon Elastic Compute Cloud (EC2) and VPC environments. The organization uses AWS CloudFormation as the AWS service to control and implement changes. Which combination of three services provides an alert for changes made outside of AWS CloudFormation? (Select three.)

A. AWS Config

B. AWS Simple Notification Service

C. AWS CloudWatch metrics

D. AWS Lambda

E. AWS CloudFormation

F. AWS Identity and Access Management

Question # 20

You operate a production VPC with both a public and a private subnet. Your organization maintains a restricted Amazon S3 bucket to support this production workload. Only Amazon EC2 instances in the private subnet should access the bucket. You implement VPC endpoints (VPC-E) for Amazon S3 and remove the NAT that previously provided a network path to Amazon S3. The default VPC-E policy is applied. EC2 instances in neither the public nor the private subnet are able to access the S3 bucket.

What should you do to enable Amazon S3 access from EC2 instances in the private subnet?

A. Add the CIDR address range of the private subnet to the S3 bucket policy.

B. Add the VPC-E identifier to the S3 bucket policy.

C. Add the VPC identifier for the production VPC to the S3 bucket policy.

D. Add the VPC-E identifier for the production VPC to the endpoint policy.

Question # 21

You run a well-architected, multi-AZ application in the eu-central-1 (Frankfurt) AWS region. The application is hosted in a VPC and is only accessed from the corporate network. To support large volumes of data transfer and administration of the application, you use a single 10-Gbps AWS Direct Connect connection with multiple private virtual interfaces. As part of a review, you decide to improve the resilience of your connection to AWS and make sure that any additional connectivity does not share the same Direct Connect routers at AWS. You need to provide the best levels of resilience to meet the application’s needs.

Which two options should you consider? (Select two.)

A. Install a second 10-Gbps Direct Connect connection to the same Direct Connect location.

B. Deploy an IPsec VPN over a public virtual interface on a new 10-Gbps Direct Connect connection.

C. Install a second 10-Gbps Direct Connect connection to a Direct Connect location in eu-west-1.

D. Deploy an IPsec VPN over the Internet to the eu-west-1 region for diversity.

E. Install a second 10-Gbps Direct Connect connection to a second Direct Connect location for eu-central-1.

Question # 22

A customer has set up multiple VPCs for Dev, Test, Prod, and Management. You need to set up AWS Direct Connect to enable data flow from on-premises to each VPC. The customer has monitoring software running in the Management VPC that collects metrics from the instances in all the other VPCs. Due to budget requirements, data transfer charges should be kept to a minimum.

Which design should be recommended?

A. Create a total of four private VIFs, one for each VPC owned by the customer, and route traffic between VPCs using the Direct Connect link.

B. Create a private VIF to the Management VPC, and peer this VPC to all other VPCs.

C. Create a private VIF to the Management VPC, peer this VPC to all other VPCs, and enable source/destination NAT in the Management VPC.

D. Create a total of four private VIFs, and enable VPC peering between all VPCs.
