ExamGecko
Home / Amazon / ANS-C00
Ask Question

ANS-C00: AWS Certified Advanced Networking - Specialty

Vendor:
Exam Questions:
414
 Learners
  2.371
Last Updated
April - 2025
Language
English
11 Quizzes
PDF | VPLUS

Exam Number: ANS-C00

Exam Name: AWS Certified Advanced Networking - Specialty

Length of test: 170 mins

Exam Format: Multiple-choice questions.

Exam Language: English

Number of questions in the actual exam: 65 questions

Passing Score: 70%

This certification is designed for individuals who perform complex networking tasks and have at least five years of hands-on experience architecting and implementing network solutions on AWS

This study guide should help you understand what to expect on ANS-C00 exam and includes a summary of the topics the exam might cover and links to additional resources. The information and materials in this document should help you focus your studies as you prepare for the exam.

Related questions

You have two VPCs that you've peered. You created a route for VPC A to get to an instance in VPC. You are unable to ping the instance. You have double checked your security groups and NACLs. Why might this be?

You forgot to add a return route.
You forgot to add a return route.
ICMP is not supported over peering connections.
ICMP is not supported over peering connections.
You have to enable Source/Destination check in the VPCs.
You have to enable Source/Destination check in the VPCs.
You have to configure the peering connection to allow two way traffic.
You have to configure the peering connection to allow two way traffic.
Suggested answer: A
Explanation:

Explanation:

Every route needs a return route for ICMP traffic.

asked 16/09/2024
Jimmy Raiford
49 questions

In Amazon CloudFront, to link to your objects, if your domain name is d111111abcdef8.cloudfront.net and your object is image.jpg, then the URL for the link in your webpage will be _____.

http://d111111abcdef8.cloudfront.net/images/image.jpg
http://d111111abcdef8.cloudfront.net/images/image.jpg
http://d111111abcdef8.dns/images/image.jpg
http://d111111abcdef8.dns/images/image.jpg
http://d111111abcdef8.dns/image.jpg
http://d111111abcdef8.dns/image.jpg
http://d111111abcdef8.cloudfront.net/image.jpg
http://d111111abcdef8.cloudfront.net/image.jpg
Suggested answer: D
Explanation:

Explanation:

In Amazon CloudFront, to link to your objects, if your domain name was d111111abcdef8.cloudfront.net and your object was image.jpg, the URL for the link would be: http://d111111abcdef8.cloudfront.net/ image.jpg. If your object is in a folder within your bucket, include the folder in the URL. For example, if image.jpg is located in an images folder, then the URL would be: http://d111111abcdef8.cloudfront.net/images/image.jpg.

Reference: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/GettingStarted.html

asked 16/09/2024
Jason Evans
52 questions

Which of these modes is not a configuration mode for a WAF?

Become a Premium Member for full access
  Unlock Premium Member

Your organization runs a popular e-commerce application deployed on AWS that uses auto scaling in conjunction with an Elastic Load balancing (ELB) service with an HTTPS listener. Your security team reports that an exploitable vulnerability has been discovered in the encryption protocol and cipher that your site uses. Which step should you take to fix this problem?

Generate new SSL certificates for all web servers and replace current certificates.
Generate new SSL certificates for all web servers and replace current certificates.
Change the security policy on the ELB to disable vulnerable protocols and ciphers.
Change the security policy on the ELB to disable vulnerable protocols and ciphers.
Generate new SSL certificates and use ELB to front-end the encrypted traffic for all web servers.
Generate new SSL certificates and use ELB to front-end the encrypted traffic for all web servers.
Leverage your current configuration management system to update SSL policy on all web servers.
Leverage your current configuration management system to update SSL policy on all web servers.
Suggested answer: D
asked 16/09/2024
Jason Childers
44 questions

You are configuring multiple Direct Connect links for your organization and need them to be in an HA Active/Passive configuration with extreme sensitivity to outages in order to encourage very quick failover times. You also need to be able to control which link is active.

What two configuration changes should you implement? (Choose two.)

MPLS
MPLS
BFD
BFD
AS_PATH Prepending
AS_PATH Prepending
BGP
BGP
Suggested answer: B, C
Explanation:

Explanation:

Bidirectional-Forwarding Detection will allow for faster failover times. AS_PATH Prepending will allow you to choose the default path. BGP is already implemented and MPLS does not matter.

asked 16/09/2024
Ahmed Otmani Amaoui
38 questions

You have deployed a website that utilizes CloudFront, Elastic Loadbalancer, and S3 to serve content. When users access your site, they receive a "mixed content" security warning. What is most likely the problem?

There is no rule in your bucket policy allowing public access.
There is no rule in your bucket policy allowing public access.
You have applied your SSL to your Elastic Loadbalancer but not your CDN.
You have applied your SSL to your Elastic Loadbalancer but not your CDN.
Your S3 Bucket permissions are incorrect.
Your S3 Bucket permissions are incorrect.
Most voted
(1)
Most voted
You are using an SSL from an external CA.
You are using an SSL from an external CA.
Suggested answer: B
Explanation:

Explanation:

You must apply the SSL to your Elastic Loadblanacer and your CDN to encrypt all aspects of your site.

asked 16/09/2024
Tim Baas
44 questions

Which service would you use to see who changed your infrastructure?

Become a Premium Member for full access
  Unlock Premium Member

A company is building a hybrid PCI-DSS compliant application that runs in the us-west-2 Region and on-premises. The application sends access logs from all locations to a single Amazon S3 bucket in uswest-2. To protect this sensitive data, the bucket policy is configured to deny access from public IP addresses. How should an engineer configure the network to meet these requirements?

Become a Premium Member for full access
  Unlock Premium Member

An organization has multiple applications running in VPCs across multiple AWS accounts. The network engineer has deployed a central VPC with a pair of software VPN instances that run IPSec tunnels with dynamic routing to VGWs of all application VPCs. This central VPC is connected to on-premises resources via a Direct Connect connection using a private VIF.

What additional configuration is required to enable the applications in VPCs to communicate with each other and access onpremises resources?

Become a Premium Member for full access
  Unlock Premium Member

Under increased cybersecurity concerns, a company is deploying a near real-time intrusion detection system (IDS) solution.

A system must be put in place as soon as possible. The architecture consists of many AWS accounts, and all results must be delivered to a central location. Which solution will meet this requirement, while minimizing downtime and costs?

Become a Premium Member for full access
  Unlock Premium Member