Amazon ANS-C00 Practice Test - Questions Answers, Page 14

You ping an Amazon Elastic Compute Cloud (EC2) instance from an on-premises server. VPC Flow Logs record the following:

2 123456789010 eni-1235b8ca 10.123.234.78 172.11.22.33 0 0 1 8 672 1432917027 1432917142 ACCEPT OK

2 123456789010 eni-1235b8ca 172.11.22.33 10.123.234.78 0 0 1 4 336 1432917027 1432917082 ACCEPT OK

2 123456789010 eni-1235b8ca 172.11.22.33 10.123.234.78 0 0 1 4 336 1432917094 1432917142 REJECT OK

Why are ICMP responses not received by the on-premises system?

Which port range must be allowed through a NACL to ensure all return traffic is successful?

A media company that is based in Los Angeles, California, closed all of its on-premises data centers due to rising costs and inconsistent utilization. The company has deployed its video editing applications on Amazon EC2 instances in the AWS Cloud. The company has deployed to the us-west-1 Region and uses the internet for delivery of the applications.

Users are reporting high latency from Los Angeles to us-west-1. The company needs to reduce the latency to the EC2 instances while continuing to use the internet for delivery. Which solution meets these requirements?

You have several Amazon Glacier vaults you would like to monitor. How might you monitor those vaults?

Refer to the image.

You have three VPCs: A, B, and

For _______ distributions, CloudFront does not cache cookies in edge caches.

An organization will be expanding its current network design. When fully built out, there will be 99 VPCs spread across 11 AWS accounts (9 VPCs per account). There is currently an AWS Direct Connect connection into one account with 9 VPCs, each with a virtual network interface (VIF) per VPC.

Which of the following designs will minimize cost while allowing the organization to expand?

In Amazon CloudFront, while creating a web distribution, which of the following can be used as origin servers?

You run a well-architected, multi-AZ application in the eu-central-1 (Frankfurt) AWS region. The application is hosted in a VPC and is only accessed from the corporate network. To support large volumes of data transfer and administration of the application, you use a single 10-Gbps AWS Direct Connect connection with multiple private virtual interfaces. As part of a review, you decide to improve the resilience of your connection to AWS and make sure that any additional connectivity does not share the same Direct Connect routers at AWS. You need to provide the best levels of resilience to meet the application's needs.

Which two options should you consider? (Choose two.)