Amazon ANS-C00 Practice Test - Questions Answers, Page 10
Question 91
You need to find the public IP address of an instance that you're logged in to. What command would you use?
Explanation: curl http://169.254.169.254/latest/meta-data/public-ipv4
Question 92
A company is deploying a critical application on two Amazon EC2 instances in a VPC. Failed client connections to the EC2 instances must be logged according to company policy. What is the MOST cost-effective solution to meet these requirements?
Question 93
AWS CloudTrail can be configured to ____ log files across multiple accounts and regions so that log files are delivered to a single bucket.
Explanation:
You can configure CloudTrail to aggregate log files from multiple regions and deliver them to a single S3 bucket for a single account. Reference: https://aws.amazon.com/cloudtrail/
Question 94
You need to find the subnet, the security group and the VPC that your instance is associated with. You only have access to the terminal of an instance with an admin role attached. What is the first part of the command you would use?
Explanation: aws ec2 describe-instances returns a significant amount of information about the instances in your account. Apply a filter to see information about your instance. Describe-security-groups and describe-network-acl would not allow you to see which group is associated with your instance, and aws vpc describe-all doesn't exist.
Question 95
Your company runs an application for the US market in the us-east-1 AWS region. This application uses proprietary TCP and UDP protocols on Amazon Elastic Compute Cloud (EC2) instances. End users run a real-time, front-end application on their local PCs. This front-end application knows the DNS hostname of the service.
You must prepare the system for global expansion. The end users must access the application with lowest latency. How should you use AWS services to meet these requirements?
Question 96
Which of these is not a requirement to set up a DX connection?
Explanation:
Autonegotiation must be disabled.
Question 97
A legacy, on-premises web application cannot be load balanced effectively. There are both planned and unplanned events that cause usage spikes to millions of concurrent users. The existing infrastructure cannot handle the usage spikes. The CIO has mandated that the application be moved to the cloud to avoid further disruptions, with the additional requirement that source IP addresses be unaltered to support network traffic-monitoring needs. Which of the following designs will meet these requirements?
Question 98
You have a DX connection and a VPN connection as backup for your 10.0.0.0/16 network. You just received a letter indicating that the colocation provider hosting the DX connection will be undergoing maintenance soon. It is critical that you do not experience any downtime or latency during this period. What is the best course of action?
Explanation:
A more specific route is the only way to force AWS to prefer a VPN connection over a DX connection. A /9 is not more specific than a /16.
Question 99
You are your company's AWS cloud architect. You have created a VPC topology that consists of 3 VPCs. You have a centralised VPC (VPC-Shared) that provides shared services to the remaining 2 departmental dedicated VPCs (VPC-Dept1 and VPC-Dept2). The centralised VPC is VPC peered to both of the departmental VPCs; that is, a VPC peering connection exists between VPC-Shared and VPC-Dept1, and a VPC peering connection exists between VPC-Shared and VPC-Dept2.
Select the correct option from the list below.
Explanation:
Answers A, C and D are incorrect answers as they reference a non-existing setting - there is no such thing as a "default peering bi-directional communication flag".
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/peering-configurations-partial-access.html#one-to-two-vpcs-instances
Question 100
You have a hybrid environment in which your VPC queries your on-premises DNS server for up resources in your environment. The EC2 instances in your VPC are unable to resolve on-premises resources. What are two possible reasons for this problem? (Choose two.)
Explanation:
DNS requires TCP and UDP port 53.