March Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bigdisc65

Download Full Version ANS-C00 Amazon Web Services Exam

Page: 2 / 5
Question 8

You have a global corporate network with 153 individual IP prefixes in your internal routing table. You establish a private virtual interface over AWS Direct Connect to a VPC that has an Internet gateway (IGW). All instances in the VPC must be able to route to the Internet via an IGW and route to the global corporate network via the VGW.

How should you configure your on-premises BGP peer to meet these requirements?

Options:

A.

Configure AS-Prepending on your BGP session

B.

Summarize your prefix announcement to less than 100

C.

Announce a default route to the VPC over the BGP session

D.

Enable route propagation on the VPC route table

Question 9

A company has a hybrid IT architecture with two AWS Direct Connect connections to provide high availability. The services hosted on-premises are accessible using public IPs, and are also on the 172.16.0.0/16 range. The AWS resources are on the 192.168.0.0/18 range. The company wants to use Amazon Elastic Load Balancing for SSL offloading, health checks, and sticky sessions.

What should be done to meet these requirements?

Options:

A.

Create a Network Load Balancer pointing to the on-premises server's private IP address.

B.

Create an Amazon CloudFront distribution for the on-premises service and use the public IPs of the on-premises servers as the origin.

C.

Create a Network Load Balancer pointing to the on-premises server's public IP address.

D.

Create an Application Load Balancer pointing to the on-premises server's private IP address.

Question 10

You are designing the network infrastructure for an application server in Amazon VPC. Users will access all the application instances from the Internet and from an on-premises network. The on-premises network is connected to your VPC over an AWS Direct Connect link.

How should you design routing to meet these requirements?

Options:

A.

Configure a single routing table with two default routes: one to the Internet via an IGW, the other to the on-premises network via the VGW. Use this routing table across all subnets in your VPC.

B.

Configure two routing tables: one that has a default route via the IGW, and another that has a default route via the VGW. Associate both routing tables with each VPC subnet.

C.

Configure a single routing table with a default route via the IGW. Propagate a default route via BGP on the AWS Direct Connect customer router. Associate the routing table with all VPC subnet.

D.

Configure a single routing table with a default route via the IGW. Propagate specific routes for the on-premises networks via BGP on the AWS Direct Connect customer router. Associate the routing table with all VPC subnets.

Question 11

You operate a production VPC with both a public and a private subnet. Your organization maintains a restricted Amazon S3 bucket to support this production workload. Only Amazon EC2 instances in the private subnet should access the bucket. You implement VPC endpoints(VPC-E) for Amazon S3 and remove the NAT that previously provided a network path to Amazon S3. The default VPC-E policy is applied. Neither EC2 instances in the public or private subnets are able to access the S3 bucket.

What should you do to enable Amazon S3 access from EC2 instances in the private subnet?

Options:

A.

Add the CIDR address range of the private subnet to the S3 bucket policy.

B.

Add the VPC-E identified to the S3 bucket policy.

C.

Add the VPC identifier for the production VPC to the S3 bucket policy.

D.

Add the VPC-E identifier for the production VPC to endpoint policy.

Page: 2 / 5
Exam Code: ANS-C00
Exam Name: AWS Certified Advanced Networking-Specialty
Last Update: Apr 14, 2023
Questions: 154
ANS-C00 pdf

ANS-C00 PDF

$28  $80
ANS-C00 Engine

ANS-C00 Testing Engine

$33.25  $95
ANS-C00 PDF + Engine

ANS-C00 PDF + Testing Engine

$45.5  $130