Amazon ANS-C00 Exam Practice Test Instant Access

Question 1

An organization runs a consumer-facing website on AWS. The Amazon EC2-based web fleet is load balanced using the AWS Application Load Balancer, Amazon Route 53 is used to provide the public DNS services.

The following URLs need to server content to end users:

test.example.com

web.example.com

example.com

Based on this information, what combination of services must be used to meet the requirement? (Select two.)

APath condition in ALB listener to route example.com to appropriate target groups.

BHost condition in ALB listener to route *.example.com to appropriate target groups.

CHost condition a ALB listener to route example.com to appropriate target groups.

DPath condition in ALB listener to route *.example.com to appropriate target groups.

EHost condition in ALB listener to route $$$$.example.com to appropriate target groups.

Answer : B, C

https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#rule-condition-types

https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html

Question 2

You are designing an AWS Direct Connect solution into your VPC. You need to consider requirements for the customer router to terminate the Direct Connect link at the Direct Connect location.

Which three factors that must be supported should you consider when choosing the customer router? (Select three.)

A802.1q trunking

B802.1ax or 802.3ad link aggregation

COSPF

DBGP

Esingle-mode optical fiber connectivity

F1-Gbps copper connectivity

Answer : A, D, E

https://docs.aws.amazon.com/directconnect/latest/UserGuide/Welcome.html#overview_requirements

Question 3

Your company has a 1-Gbps AWS Direct Connect connection to AWS. Your company needs to send traffic from on-premises to a VPC owned by a partner company. The connectivity must have minimal latency at the lowest price.

Which of the following connectivity options should you choose?

ACreate a new Direct Connect connection, and set up a new circuit to connect to the partner VPC using a private virtual interface.

BCreate a new Direct Connect connection, and leverage the existing circuit to connect to the partner VPC.

CCreate a new private virtual interface, and leverage the existing connection to connect to the partner VPC.

DEnable VPC peering and use your VPC as a transitive point to reach the partner VPC.

Answer : C

https://docs.aws.amazon.com/vpc/latest/peering/create-vpc-peering-connection.html#create-vpc-peering-connection-remote

Question 4

An organization is replacing a tape backup system with a storage gateway. there is currently no connectivity to AWS. Initial testing is needed.

What connection option should the organization use to get up and running at minimal cost?

AUse an internet connection.

BSet up an AWS VPN connection.

CProvision an AWS Direct Connection private virtual interface.

DProvision a Direct Connect public virtual interface.

Answer : A

Question 5

Your organization requires strict adherence to a change control process for its Amazon Elastic Compute Cloud (EC2) and VPC environments. The organization uses AWS CloudFormation as the AWS service to control and implement changes. Which combination of three services provides an alert for changes made outside of AWS CloudFormation? (Select three.)

AAWS Config

BAWS Simple Notification Service

CAWS CloudWatch metrics

DAWS Lambda

EAWS CloudFormation

FAWS Identify and Access Management

Answer : A, B, D

aws.amazon.com/about-aws/whats-new/2018/03/aws-config-notifications-are-now-integrated-with-amazon-cloudwatch-events

Question 6

You have a three-tier web application with separate subnets for Web, Applications, and Database tiers. Your CISO suspects your application will be the target of malicious activity. You are tasked with notifying the security team in the event your application is port scanned by external systems.

Which two AWS Services cloud you leverage to build an automated notification system? (Select two.)

AInternet gateway

BVPC Flow Logs

CAWS CloudTrail

DLambda

EAWS Inspector

Answer : B, D

Question 7

You have a global corporate network with 153 individual IP prefixes in your internal routing table. You establish a private virtual interface over AWS Direct Connect to a VPC that has an Internet gateway (IGW). All instances in the VPC must be able to route to the Internet via an IGW and route to the global corporate network via the VGW.

How should you configure your on-premises BGP peer to meet these requirements?

AConfigure AS-Prepending on your BGP session

BSummarize your prefix announcement to less than 100

CAnnounce a default route to the VPC over the BGP session

DEnable route propagation on the VPC route table

Answer : B

Amazon AWS Advanced Networking Specialty ANS-C00 Exam Practice Test