ExamGecko
Home / Amazon / ANS-C00 / List of questions
Ask Question

Amazon ANS-C00 Practice Test - Questions Answers, Page 27

List of questions

Question 261

Report
Export
Collapse

You have two public applications on different domains that use two front-end servers and two back-end servers each. You wish to achieve high availability for both applications. What two options should you configure? (Choose two.)

Route 53: 2 public zones and 2 private zones.
Route 53: 2 public zones and 2 private zones.
Route 53: 2 public zones and 1 private zone.
Route 53: 2 public zones and 1 private zone.
3 load balancers: 2 public and 1 internal.
3 load balancers: 2 public and 1 internal.
4 load balancers: 2 public and 2 internal.
4 load balancers: 2 public and 2 internal.
Suggested answer: A, D

Explanation:

Explanation:

Route 53: 2 public zones and 2 private zones and 4 load balancers: 2 public and 2 internal. This will allow one domain to be balanced over two application servers which will then have traffic balanced to the two backend servers.

asked 16/09/2024
DANNY GARCIA
32 questions

Question 262

Report
Export
Collapse

A company has a VPC in the us-west-1 Region and another VPC in the ap-southeast-2 Region. Network engineers set up an AWS Direct Connect connection from their data center to the us-east-1 Region. They create a private virtual interface (VIF) that references a Direct Connect gateway, which is then connected to virtual private gateways in both VPCs. When the setup is complete, the engineers cannot access resources in us-west-1 from ap-southeast-2. What should the network engineers do to resolve this issue?

Add the subnet range for the VPCs in us-west-1 and ap-southeast-2 to the route tables for both VPCs. Add the Direct Connect gateway as a target.
Add the subnet range for the VPCs in us-west-1 and ap-southeast-2 to the route tables for both VPCs. Add the Direct Connect gateway as a target.
Configure the Direct Connect gateway to route traffic between the VPCs in ap-southeast-2 and us-west-2.
Configure the Direct Connect gateway to route traffic between the VPCs in ap-southeast-2 and us-west-2.
Establish a VPC peering connection between the VPCs in ap-southeast-2 and us-west-2. Add the subnet ranges to the routing tables.
Establish a VPC peering connection between the VPCs in ap-southeast-2 and us-west-2. Add the subnet ranges to the routing tables.
Create static routes in each VPC that point to the destination VPC with the virtual private gateway as the route target.
Create static routes in each VPC that point to the destination VPC with the virtual private gateway as the route target.
Suggested answer: B
asked 16/09/2024
eddie alvarez
42 questions

Question 263

Report
Export
Collapse

An architecture is being designed to support an Amazon WorkSpaces deployment of 1,000 desktops. Which architecture will support this deployment while allowing for future expansion?

A VPC with a /16 CIDR and one /21 subnet
A VPC with a /16 CIDR and one /21 subnet
A VPC with a /20 CIDR and two /21 subnets
A VPC with a /20 CIDR and two /21 subnets
A VPC with a /16 CIDR and one /22 subnet
A VPC with a /16 CIDR and one /22 subnet
A VPC with a /20 CIDR and two /23 subnets
A VPC with a /20 CIDR and two /23 subnets
Suggested answer: C
asked 16/09/2024
Mikolaj Roeper
36 questions

Question 264

Report
Export
Collapse

You are the network engineer at your company, and you are noticing issues with QoS in you're the traffic to your instances hosting a VOIP program. You need to inspect the network packets to determine if it is a programming error or a networking error. How should you do this?

Configure a network monitoring program on every instance and stream the logs to an S3 bucket to be parsed.
Configure a network monitoring program on every instance and stream the logs to an S3 bucket to be parsed.
Use CloudWatch
Use CloudWatch
Set up another instance with an ENI added to act as a monitoring interface. Set the port to "promiscuous mode" and sniff the traffic to analyze the packets. Then output this single stream to an S3 bucket to be parsed.
Set up another instance with an ENI added to act as a monitoring interface. Set the port to "promiscuous mode" and sniff the traffic to analyze the packets. Then output this single stream to an S3 bucket to be parsed.
Inspect Flow Logs
Inspect Flow Logs
Suggested answer: A

Explanation:

Explanation:

Flow Logs and CloudWatch do not display packet contents. You cannot sniff traffic destined for other instances.

asked 16/09/2024
Judith Persons
43 questions

Question 265

Report
Export
Collapse

You are a network admin of a US company called Webby Widgets that is expanding to Europe. The company has a website that serves dynamic and static content.

You have been instructed to ensure the European clients receive the least latency possible, no matter where in Europe they live, while still allowing the US clients to receive the same user experience and performance they have been accustomed to.

You have also been instructed to ensure both countries use the same URL to access the site and keep costs low.

What two things should you do? (Choose two.)

Deploy three VPCs; one for the US, one for the EU, and one as a central VPC that hosts an Elastic Load Balancer that will distribute traffic between the US and EU VPCs.
Deploy three VPCs; one for the US, one for the EU, and one as a central VPC that hosts an Elastic Load Balancer that will distribute traffic between the US and EU VPCs.
Create two A records: eu.webbywidgets.com that points to the EU resources and us.webbywidgets.com that points to the US resources.
Create two A records: eu.webbywidgets.com that points to the EU resources and us.webbywidgets.com that points to the US resources.
Use the Traffic Flow policy creator to create the perfect routing policy.
Use the Traffic Flow policy creator to create the perfect routing policy.
Create a CloudFront distribution to serve the static content from an S3 bucket.
Create a CloudFront distribution to serve the static content from an S3 bucket.
Suggested answer: C, D

Explanation:

Explanation:

The Traffic Flow policy creator costs $50/mo. per policy and Elastic Load Balancers cannot distribute traffic between VPCs.

asked 16/09/2024
Saikhantsetseg Donnelly
38 questions

Question 266

Report
Export
Collapse

Your VPC has a DX connection that is advertising 99 routes. You have two more prefixes to add: 10.223.1.0/24 and 10.223.2.0/24. You have several locations, so you need to be as exact as possible with your routing. How would you do this?

Add the prefixes; AWS allows for as many BGP routes as you need but not static.
Add the prefixes; AWS allows for as many BGP routes as you need but not static.
Contact AWS to extend the number of prefixes you are allowed to advertise.
Contact AWS to extend the number of prefixes you are allowed to advertise.
Summarize the routes into a 10.223.0.0/22 and advertise that route instead.
Summarize the routes into a 10.223.0.0/22 and advertise that route instead.
Summarize the routes into a 10.223.0.0/12 and advertise that route instead.
Summarize the routes into a 10.223.0.0/12 and advertise that route instead.
Suggested answer: C

Explanation:

Explanation:

BGP has a strict 100 prefix limit. 10.223.0.0/12 includes both routes but is not very specific. 10.223.0.0/22 is the proper summarization of both routes.

asked 16/09/2024
Randy Kana
33 questions

Question 267

Report
Export
Collapse

Your customer's internal security teams receive requests to allow Amazon S3 access from inside the corporate network. All external traffic must be explicitly whitelisted through your corporate firewalls. How can your security team grant this access?

Obtain the list of IP prefixes from AWS Forum announcements, and use those prefixes in firewall rules.
Obtain the list of IP prefixes from AWS Forum announcements, and use those prefixes in firewall rules.
Obtain the list of IP prefixes from ip-ranges.json, and use those prefixes in firewall rules.
Obtain the list of IP prefixes from ip-ranges.json, and use those prefixes in firewall rules.
Obtain the list of IP prefixes by performing a DNS lookup on Amazon S3 endpoints, and use those prefixes in firewall rules.
Obtain the list of IP prefixes by performing a DNS lookup on Amazon S3 endpoints, and use those prefixes in firewall rules.
Connect your data center to a VPC via Direct Connect. Create routes that forward traffic from your data center to an S3 private endpoint.
Connect your data center to a VPC via Direct Connect. Create routes that forward traffic from your data center to an S3 private endpoint.
Suggested answer: B

Explanation:

Explanation: ip-ranges.json contains the latest list of IP addresses used by AWS. AWS no longer posts IP prefixes in Forum announcements. DNS lookups would not provide an exhaustive list of possible IP prefixes. D would require transitive routing, which is not possible.

asked 16/09/2024
Dennis Spring
45 questions

Question 268

Report
Export
Collapse

In the context of Amazon CloudFront, when you configure the media player, the path you specify to the media file must contain the characters _____________.

flv/std just before the domain name
flv/std just before the domain name
flv/std immediately after the domain name
flv/std immediately after the domain name
cfx/st just before the domain name
cfx/st just before the domain name
cfx/st immediately after the domain name
cfx/st immediately after the domain name
Suggested answer: D

Explanation:

Explanation:

In Amazon CloudFront, when you configure the media player, the path you specify to the media file must contain the characters cfx/st immediately after the domain name. For example: rtmp://s5c39gqb8ow64r.cloudfront.net/cfx/st/ mediafile.flv

Reference: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Streaming_URLs.html

asked 16/09/2024
Felomino Bacquiano II
45 questions

Question 269

Report
Export
Collapse

Your company needs an inexpensive solution to host their AD data in the cloud. They do not need all of the features of AD but do need to be able to use it with WorkSpaces. What is the best solution?

AD Connector
AD Connector
Hosted Microsoft AD
Hosted Microsoft AD
Simple AD
Simple AD
Deploy an AD server on an M3.large instance
Deploy an AD server on an M3.large instance
Suggested answer: C

Explanation:

Explanation:

Simple AD is the best choice here. If authentication is all you need, it is the most inexpensive option for in-cloud directory.

asked 16/09/2024
Curl Pushover
28 questions

Question 270

Report
Export
Collapse

A company is deploying a network security product that is based on virtual appliances that run on Amazon EC2 instances.

The appliances are stateful and inspect request traffic and return traffic. The appliances require visibility to a network flow's bidirectional transaction.

The central appliance VPC is connected to a transit gateway.

A network administrator notices that connections to the appliances are dropped when the traffic crosses Availability Zones.

The appliances run behind a Gateway Load Balancer. The appliances are deployed across multiple Availability zones in a central VPC. What is MOST likely causing the connections to drop?

The transit gateway VPC attachment of the central appliance VPC is configured only for a subnet in a single Availability Zone
The transit gateway VPC attachment of the central appliance VPC is configured only for a subnet in a single Availability Zone
The transit gateway VPC attachment of the appliance is not configured for appliance mode
The transit gateway VPC attachment of the appliance is not configured for appliance mode
The route table that is attached to the subnet in one of the Availability Zones is missing a return route to the originating VPC
The route table that is attached to the subnet in one of the Availability Zones is missing a return route to the originating VPC
The security group that is attached to one of the appliance instances is blocking traffic to port 6081
The security group that is attached to one of the appliance instances is blocking traffic to port 6081
Suggested answer: B

Explanation:

Explanation:

Reference: https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-aws-gateway-load-balancersupported-architecture-patterns/

asked 16/09/2024
JENNIFER MALIWANAG
38 questions
Total 414 questions
Go to page: of 42
Search

Related questions