Amazon ANS-C00 Exam Practice Test Instant Access

Question 1

You have a global corporate network with 153 individual IP prefixes in your internal routing table. You establish a private virtual interface over AWS Direct Connect to a VPC that has an Internet gateway (IGW). All instances in the VPC must be able to route to the Internet via an IGW and route to the global corporate network via the VGW.

How should you configure your on-premises BGP peer to meet these requirements?

AConfigure AS-Prepending on your BGP session

BSummarize your prefix announcement to less than 100

CAnnounce a default route to the VPC over the BGP session

DEnable route propagation on the VPC route table

Answer : B

Question 2

An organization is replacing a tape backup system with a storage gateway. there is currently no connectivity to AWS. Initial testing is needed.

What connection option should the organization use to get up and running at minimal cost?

AUse an internet connection.

BSet up an AWS VPN connection.

CProvision an AWS Direct Connection private virtual interface.

DProvision a Direct Connect public virtual interface.

Answer : A

Question 3

Your company runs an application for the US market in the us-east-1 AWS region. This application uses proprietary TCP and UDP protocols on Amazon Elastic Compute Cloud (EC2) instances. End users run a real-time, front-end application on their local PCs. This front-end application knows the DNS hostname of the service.

You must prepare the system for global expansion. The end users must access the application with lowest latency.

How should you use AWS services to meet these requirements?

ARegister the IP addresses of the service hosts as ''A'' records with latency-based routing policy in Amazon Route 53, and set a Route 53 health check for these hosts.

BSet the Elastic Load Balancing (ELB) load balancer in front of the hosts of the service, and register the ELB name of the main service host as an ALIAS record with a latency-based routing policy in Route 53.

CSet Amazon CloudFront in front of the host of the service, and register the CloudFront name of the main service as an ALIAS record in Route 53.

DSet the Amazon API gateway in front of the service, and register the API gateway name of the main service as an ALIAS record in Route 53.

Answer : B

Question 4

A customer has set up multiple VPCs for Dev, Test, Prod, and Management. You need to set up AWS Direct Connect to enable data flow from on-premises to each VPC. The customer has monitoring software running in the Management VPC that collects metrics from the instances in all the other VPCs. Due to budget requirements, data transfer charges should be kept at minimum.

Which design should be recommended?

ACreate a total of four private VIFs, one for each VPC owned by the customer, and route traffic between VPCs using the Direct Connect link.

BCreate a private VIF to the Management VPC, and peer this VPC to all other VPCs.

CCreate a private VIF to the Management VPC, and peer this VPC to all other VPCs, enable source/destination NAT in the Management VPC.

DCreate a total of four private VIFs, and enable VPC peering between all VPCs.

Answer : D

- creating VPC peering is free of charge - traffic costs ~0.01/GB for VPC peering (IN + OUT) and ~0.02/GB for direct connect (OUT only). As the communication involved in monitoring will never have IN == OUT, then 0.01 * (IN + OUT) will always be lower the 0.02 * OUT, ergo VPC peering will be cheaper

Question 5

Your organization leverages an IP Address Management (IPAM) product to manage IP address distribution. The IPAM exposes an API. Development teams use CloudFormation to provision approved reference architectures. At deployment time, IP addresses must be allocated to the VPC. When the VPC is deleted, the IPAM must reclaim the VPC's IP allocation.

Which method allows for efficient, automated integration of the IPAM with CloudFormation?

AAWS CloudFormation parameters using the ''Ref::'' intrinsic function

BAWS CloudFormation custom resource using an AWS Lambda invocation.

CCloudFormation::OpsWorks::Stack with custom Chef configuration.

DAWS CloudFormation parameters using the ''Fn::FindInMap'' intrinsic function.

Answer : B

Cloudformation chapter under exam essentials it says 'custom resources in an AWS cloudformation template allows you to configure non-aws resources not supported by AWS. You can use custom resources to make calls to an IPAM'

Question 6

You deploy your Internet-facing application is the us-west-2(Oregon) region. To manage this application and upload content from your corporate network, you have a 1--Gbps AWS Direct Connect connection with a private virtual interface via one of the associated Direct Connect locations. In normal operation, you use approximately 300 Mbps of the available bandwidth, which is more than your Internet connection from the corporate network.

You need to deploy another identical instance of the application is us-east-1(N Virginia) as soon as possible. You need to use the benefits of Direct Connect. Your design must be the most effective solution regarding cost, performance, and time to deploy.

Which design should you choose?

AUse the inter-region capabilities of Direct Connect to establish a private virtual interface from us-west-2 Direct Connect location to the new VPC in us-east-1.

BDeploy an IPsec VPN over your corporate Internet connection to us-east-1 to provide access to the new VPC.

CUse the inter-region capabilities of Direct Connect to deploy an IPsec VPN over a public virtual interface to the new VPC in us-east-1.

DUse VPC peering to connect the existing VPC in us-west-2 to the new VPC in us-east-1, and then route traffic over Direct Connect and transit the peering connection.

Answer : A

https://aws.amazon.com/blogs/aws/aws-direct-connect-access-to-multiple-us-regions/

Question 7

You are building an application in AWS that requires Amazon Elastic MapReduce (Amazon EMR). The application needs to resolve hostnames in your internal, on-premises Active Directory domain. You update your DHCP Options Set in the VPC to point to a pair of Active Directory integrated DNS servers running in your VPC.

Which action is required to support a successful Amazon EMR cluster launch?

AAdd a conditional forwarder to the Amazon-provided DNS server.

BEnable seamless domain join for the Amazon EMR cluster.

CLaunch an AD connector for the internal domain.

DConfigure an Amazon Route 53 private zone for the EMR cluster.

Answer : A

https://aws.amazon.com/blogs/security/how-to-set-up-dns-resolution-between-on-premises-networks-and-aws-using-aws-directory-service-and-microsoft-active-directory/

Amazon ANS-C00 AWS Advanced Networking Specialty Exam Practice Test