Amazon ANS-C00 Practice Test - Questions Answers, Page 15

You have 4 Direct Connect connections from your datacenter. Site A advertises 172.16.0.0/16 AS 65000, Site B advertises 172.16.0.128/25 AS 65000 65000 65000, Site C advertises 172.0.0.0/8 AS 65000 and Site D advertises 172.16.0.0/24 AS 65000. Which site will AWS choose to reach your network?

A company is migrating a legacy storefront web application to the AWS Cloud. The application is complex and will take several months to refactor. A solutions architect recommended an interim solution of using Amazon CloudFront with a custom origin pointing to the SSL endpoint URL for the legacy web application until the replacement is ready and deployed.

The interim solution has worked for several weeks. However, all browser connections recently began showing an HTTP 502Bad Gateway error with the header "X-Cache: Error from cloudfront." Monitoring services show that the HTTPS port 443 onthe legacy web application is open and responding to requests. What is the likely cause of the error, and what is the solution?

You work for a company that has several instances running with automatically assigned public IPs. You performed an upgrade that required you to restart the instances from the console and your DNS records don't work anymore. What happened?

You have been tasked with migrating your company's proprietary massively large dataset sorting application to AWS. The application currently runs on 4 highly spec'd servers that are in a cluster arrangement and runs 24x7, with the average CPU utilisation across any 24hr period being approx 85% - the migration of this cluster once up and running on AWS is expected to run similarly. The servers shuffle data internally and between themselves. Your company's financial performance is entirely dependent on the speed at which it can sort your customers datasets, that is the faster a sorted result can be returned the better your company's bottom line. Of the choices presented below, select the optimal network configuration that will ensure the best financial results for your company.

You have 3 VPCs that need to be able to pass traffic. In what two ways can you achieve this? (Choose two.)

Your company runs an HTTPS application using an Elastic Load Balancing (ELB) load balancer/PHP on nginx server/RDS inmultiple Availability Zones. You need to apply Geographic Restriction and identify the client's IP address in your applicationto generate dynamic content.

How should you utilize AWS services in a scalable fashion to perform this task?

You have created a custom VPC. What are two things you may need to do in order to SSH directly into your instance?

(Choose two.)

A company installed an AWS Site-to-Site VPN and configured it to use two tunnels. The company has learned that the VPN connectivity is unstable. During a ping test from the on-premises data center to AWS, a network engineer notices that the first few ICMP replies time out but that subsequent requests are successful. The AWS Management Console shows that the status for both tunnels last changed at the same time the ping responses were successfully received.

Which steps should the network engineer take to resolve the instability? (Choose two.)

Your company decides to use Amazon S3 to augment its on-premises data store. Instead of using the company's highly controlled, on-premises Internet gateway, a Direct Connect connection is ordered to provide high bandwidth, low latency access to S3. Since the company does not own a publically routable IPv4 address block, a request was made to AWS for an AWS-owned address for a Public Virtual Interface (VIF).

The security team is calling this new connection a "backdoor", and you have been asked to clarify the risk to the company. Which concern from the security team is valid and should be addressed?