New Year Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

Amazon Web Services Updated ANS-C01 Exam Questions and Answers by ivar

Page: 5 / 11

Amazon Web Services ANS-C01 Exam Overview :

Exam Name: Amazon AWS Certified Advanced Networking - Specialty
Exam Code: ANS-C01 Dumps
Vendor: Amazon Web Services Certification: AWS Certified Specialty
Questions: 153 Q&A's Shared By: ivar
Question 20

A company has deployed a multi-VPC environment in the AWS Cloud. The company uses a transit gateway to connect all the VPCs together. In the past, the company has experienced a loss of connectivity between applications after changes to security groups, network ACLs. and route tables in a VPC. When these changes occur, the company wants to automatically verify that connectivity still exists between different resources in a single VPC.

Which solution will meet these requirements?

Options:

A.

Create a list of paths between different resources to check in VPC Reachability Analyzer. Create an Amazon EventBridge rule to monitor when a change is made and logged in Amazon CloudWatch. Configure the rule to invoke an AWS Lambda function to test the different paths in Reachability Analyzer.

B.

Create a list of paths between different resources to check in VPC Reachability Analyzer. Create an Amazon EventBridge rule to monitor when a change is made and logged in AWS CloudTrail. Configure the rule to invoke an AWS Lambda function to test the different paths in Reachability Analyzer.

C.

Create a list of paths to check in AWS Network Manager Route Analyzer. Create an Amazon EventBridge rule to monitor when a change is made and logged in Amazon CloudWatch. Configure the rule to invoke an AWS Lambda function to test the different paths in Route Analyzer.

D.

Create a list of paths to check in AWS Network Manager Route Analyzer. Create an Amazon EventBridge rule to monitor when a change is made and logged in AWS CloudTrail. Configure the rule to invoke an AWS Lambda function to test the different paths in Route Analyzer.

Discussion
Question 21

A network engineer is working on a private DNS design to integrate AWS workloads and on-premises resources. The AWS deployment consists of five VPCs in the eu-west-1 Region that connect to the on-premises network over AWS Direct Connect. The VPCs communicate with each other by using a transit gateway. Each VPC is associated with a private hosted zone that uses the aws.example.internal domain. The network engineer creates an Amazon Route 53 Resolver outbound endpoint in a shared services VPC and attaches the shared services VPC to the transit gateway.

The network engineer is implementing a solution for DNS resolution. Queries for hostnames that end with aws.example.internal must use the private hosted zone. Queries for hostnames that end with all other domains must be forwarded to a private on-premises DNS resolver.

Which solution will meet these requirements?

Options:

A.

Add a forwarding rule for”””that targets the on-premises server's DNS IP address. Add a system rule for aws.example.internal that targets Route 53 Resolver.

B.

Add a forwarding rule for aws example.internal that targets Route 53 Resolver. Add a system rule for V that targets the Route 53 Resolver outbound endpoint.

C.

Add a forwarding rule for”””that targets the Route 53 Resolver outbound endpoint.

D.

Add a forwarding rule for"." that targets the Route 53 Resolver outbound endpoint.

Discussion
Question 22

A company has many application VPCs that use AWS Site-to-Site VPN connections for connectivity to an on-premises location. The company's network team wants to gradually migrate to AWS Transit Gateway to provide VPC-to-VPC connectivity.

The network team sets up a transit gateway that uses equal-cost multi-path (ECMP) routing. The network team attaches two temporary VPCs to the transit gateway for testing. The test VPCs contain Amazon EC2 instances to confirm connectivity over the transit gateway between the on-premises location and the VPCs. The network team creates two new Site-to-Site VPN connections to the transit gateway.

During testing, the network team cannot reach the required bandwidth of 2.5 Gbps over the pair of new Site-to-Site VPN connections.

Which combination of steps should the network team take to improve bandwidth performance and minimize network congestion? (Select THREE.)

Options:

A.

Enable acceleration for the existing Site-to-Site VPN connections to the transit gateway.

B.

Create new accelerated Site-to-Site VPN connections to the transit gateway.

C.

Advertise the on-premises prefix to AWS with the same BGP AS_PATH attribute across all the Site-to-Site VPN connections.

D.

Advertise the on-premises prefix to AWS with a different BGP AS_PATH attribute across all the Site-to-Site VPN connections

E.

Verify that the transit gateway attachments are present in the Availability Zones of the test VPC.

F.

Verify that the on-premises location is sending traffic by using multiple flows.

Discussion
Question 23

A company is using an Amazon CloudFront distribution that is configured with an Application Load Balancer (ALB) as an origin. A network engineer needs to implement a solution that requires

all inbound traffic to the ALB to come from CloudFront. The network engineer must implement the solution at the network layer rather than in the application.

Which solution will meet these requirements in the MOST operationally efficient way?

Options:

A.

Add an inbound rule to the ALB's security group to allow the AWS managed prefix list for CloudFront.

B.

Add an inbound rule to the network ACLs that are associated with the ALB's subnets. Use the AWS managed prefix list for CloudFront as the source in the rule.

C.

Configure CloudFront to add a custom HTTP header to the requests that CloudFront sends to the ALB.

D.

Associate an AWS WAF web ACL with the ALB. Configure the AWS WAF rules to allow traffic from the CloudFront IP set. Automatically update the CloudFront IP set by using an AWS Lambda function.

Discussion
Billy
It was like deja vu! I was confident going into the exam because I had already seen those questions before.
Vincent Aug 15, 2024
Definitely. And the best part is, I passed! I feel like all that hard work and preparation paid off. Cramkey is the best resource for all students!!!
Nylah
I've been looking for good study material for my upcoming certification exam. Need help.
Dolly Oct 3, 2024
Then you should definitely give Cramkey Dumps a try. They have a huge database of questions and answers, making it easy to study and prepare for the exam. And the best part is, you can be sure the information is accurate and relevant.
Rosalie
I passed. I would like to tell all students that they should definitely give Cramkey Dumps a try.
Maja Aug 30, 2024
That sounds great. I'll definitely check them out. Thanks for the suggestion!
Sam
Can I get help from these dumps and their support team for preparing my exam?
Audrey Aug 29, 2024
Definitely, you won't regret it. They've helped so many people pass their exams and I'm sure they'll help you too. Good luck with your studies!
Page: 5 / 11

ANS-C01
PDF

$36.75  $104.99

ANS-C01 Testing Engine

$43.75  $124.99

ANS-C01 PDF + Testing Engine

$57.75  $164.99