ExamGecko
Login
Home / Amazon / ANS-C00 / List of questions
Ask Question

Amazon ANS-C00 Practice Test - Questions Answers, Page 24

List of questions

Question 231

Report
Export
Collapse

Your organization uses a VPN to connect to your VPC but must upgrade to a 1-G AWS Direct Connect connection for stability and performance. Your telecommunications provider has provisioned the circuit from your data center to an AWS Direct Connect facility and needs information on how to cross-connect (e.g., which rack/port to connect). What is the AWS-recommended procedure for providing this information?

Create a support ticket. Provide your AWS account number and telecommunications company's name and where you need the Direct Connect connection to terminate.
Create a support ticket. Provide your AWS account number and telecommunications company's name and where you need the Direct Connect connection to terminate.
Create a new connection through your AWS Management Console and wait for an email from AWS with information.
Create a new connection through your AWS Management Console and wait for an email from AWS with information.
Ask your telecommunications provider to contact AWS through an AWS Partner Channel. Provide your AWS account number.
Ask your telecommunications provider to contact AWS through an AWS Partner Channel. Provide your AWS account number.
Contact an AWS Account Manager and provide your AWS account number, telecommunications company's name, and where you need the Direct Connect connection to terminate.
Contact an AWS Account Manager and provide your AWS account number, telecommunications company's name, and where you need the Direct Connect connection to terminate.
Suggested answer: A
asked 16/09/2024
Ivan Rodrigo Velasco Capote
34 questions

Question 232

Report
Export
Collapse

Which one of the following options is not true about WorkSpaces?

WorkSpaces allows integration with Microsoft AD.
WorkSpaces allows integration with Microsoft AD.
WorkSpaces is great for running Linux applications.
WorkSpaces is great for running Linux applications.
WorkSpaces is a fully managed, secure desktop computing service.
WorkSpaces is a fully managed, secure desktop computing service.
WorkSpaces can query on-premises domains for authentication.
WorkSpaces can query on-premises domains for authentication.
Suggested answer: D
asked 16/09/2024
Nosh Shah
37 questions

Question 233

Report
Export
Collapse

You are configuring a virtual interface for access to your VPC on a newly provisioned 1-Gbps AWS Direct Connect connection. Which two configuration values do you need to provide? (Choose two.)

Public AS number
Public AS number
VLAN ID
VLAN ID
IP prefixes to advertise
IP prefixes to advertise
Direct Connect location
Direct Connect location
Virtual private gateway
Virtual private gateway
Suggested answer: A, E

Explanation:

Explanation:

References: https://aws.amazon.com/directconnect/faqs/

asked 16/09/2024
Erik-Jan Brul
37 questions

Question 234

Report
Export
Collapse

You have a server that serves www, FTP, and mail. You need to access this server using www.yourname.com, ftp.yourname.com, and mail.yourname.com. You want to ensure an IP change results in the least number of other changes. What is the best solution?

Create PTR records and point the IP address of the server back to www, ftp, and mail.
Create PTR records and point the IP address of the server back to www, ftp, and mail.
Create an A record pointing to the server's IP address and create CNAME records for www, ftp, and mail and point those to the A record.
Create an A record pointing to the server's IP address and create CNAME records for www, ftp, and mail and point those to the A record.
Create an A record for www, ftp and mail, and point it to the ALIAS of the server.
Create an A record for www, ftp and mail, and point it to the ALIAS of the server.
Create CNAME records for www, ftp, and mail and point those to the A record already provided to the instance by AWS.
Create CNAME records for www, ftp, and mail and point those to the A record already provided to the instance by AWS.
Suggested answer: B

Explanation:

Explanation:

There is no ALIAS record for an EC2 instance, CNAME records pointed to the A record provided by AWS won't work because if the IP changes, the A record will change also. A PTR record is not appropriate here and cannot point to more than one record. Having three CNAME records and one A record will result in only having to change the A record if the IP changes.

asked 16/09/2024
Cynthia Gutknecht
46 questions

Question 235

Report
Export
Collapse

You have a web application (app.mycompany.com) running on an EC2 instance with a single elastic network interface in a subnet in a VPC. Because of a network redesign, you need to move the web application to a different subnet in the same Availability Zone.

Which of the following migration strategies meets the requirements?

Create an elastic network interface in the new subnet. Attach this interface to the instance, and detach the old interface.
Create an elastic network interface in the new subnet. Attach this interface to the instance, and detach the old interface.
Launch a new instance in the subnet via an AMI created from the instance, and redirect new connections to this new instance using DNS. Decommission the old instance.
Launch a new instance in the subnet via an AMI created from the instance, and redirect new connections to this new instance using DNS. Decommission the old instance.
Make an API call to change the subnet association of the elastic network interface.
Make an API call to change the subnet association of the elastic network interface.
Change the IP addresses manually to another subnet within the server operating system.
Change the IP addresses manually to another subnet within the server operating system.
Suggested answer: B

Explanation:

Explanation:

Instances cannot change subnets, so a new instance must be created (Response B). A is wrong because you cannot remove the original elastic network interface. C is not possible. D is wrong because the OS has no ability to affect the AWS assigned IP addresses.

asked 16/09/2024
luis lozano
40 questions

Question 236

Report
Export
Collapse

With AWS CloudTrail, creating multiple trails in one region allows ____ to focus on one aspect of AWS operation.

callers
callers
events
events
buckets
buckets
stakeholders
stakeholders
Suggested answer: D

Explanation:

Explanation:

With multiple trails, different stakeholders such as security administrators, software developers, and IT auditors can create and manage their own trails. For example, a security administrator can create a trail that applies to all regions and configure encryption using one Key Management Service key. A developer can create a trail that applies to one region for troubleshooting operational issues. Reference: https://aws.amazon.com/cloudtrail/faqs/

asked 16/09/2024
Francis Sailer
43 questions

Question 237

Report
Export
Collapse

Your company is expanding its cloud infrastructure and moving many of its flat files and static assets to S3. You currently use a VPN to access your compute infrastructure, but you require more reliability for your static files as you are offloading all of your important data to AWS. What is your best course of action while keeping costs low?

Create a Direct Connect connection using a Private VIF to access both compute and S3 resources.
Create a Direct Connect connection using a Private VIF to access both compute and S3 resources.
Create an S3 endpoint and create a route to the endpoint prefix list for your VPN to allow access to your S3 resources.
Create an S3 endpoint and create a route to the endpoint prefix list for your VPN to allow access to your S3 resources.
Create two Direct Connect connections. Each connected to a Private VIF to ensure maximum resiliency.
Create two Direct Connect connections. Each connected to a Private VIF to ensure maximum resiliency.
Create a Direct Connect connection using a Public VIF and route your VPN over the DX connection to your VPN endpoint.
Create a Direct Connect connection using a Public VIF and route your VPN over the DX connection to your VPN endpoint.
Suggested answer: D

Explanation:

Explanation:

An S3 endpoint cannot be used with a VPN. A Private VIF cannot access S3 resources. A Public VIF with a VPN will ensure security for your compute resources and access to your S3 resources. Two DX connections are very expensive and a Private VIF still won't allow access to your S3 resources.

asked 16/09/2024
Victor Ogbonna
34 questions

Question 238

Report
Export
Collapse

What is the maximum number of CloudTrails that you can create per AWS region?

10
10
2
2
16
16
5
5
Suggested answer: D

Explanation:

Explanation:

You can create up to five CloudTrails per Amazon AWS region. A trail that applies to all regions exists in each region and is counted as one trail in each region. Reference: https://aws.amazon.com/cloudtrail/faqs/

asked 16/09/2024
Thao Nguyen
46 questions

Question 239

Report
Export
Collapse

What two items are required for all AWS VPNs? (Choose two.)

Virtual Private Gateway
Virtual Private Gateway
ASN
ASN
A hardware router
A hardware router
Customer Gateway
Customer Gateway
Suggested answer: A, D

Explanation:

Explanation:

An ASN is only required for dynamic VPNs and hardware routers are not required.

asked 16/09/2024
Matthew Hillson
37 questions

Question 240

Report
Export
Collapse

In order to change the name of the AWS Config ____, you must stop the configuration recorder, delete the current one, and create a new one with a new name, since there can only be one of these per AWS account.

SNS topic
SNS topic
configuration history
configuration history
delivery channel
delivery channel
S3 bucket path
S3 bucket path
Suggested answer: C

Explanation:

Explanation:

As AWS Config continually records the changes that occur to your AWS resources, it sends notifications and updated configuration states through the delivery channel. You can manage the delivery channel to control where AWS Config sends configuration updates. You can have only one delivery channel per AWS account, and the delivery channel is required to use AWS Config. To change the delivery channel name, you must delete it and create a new delivery channel with the desired name. Before you can delete the delivery channel, you must temporarily stop the configuration recorder. The AWS Config console does not provide the option to delete the delivery channel, so you must use the AWS CLI, the AWS Config API, or one of the AWS SDKs.

Reference: http://docs.aws.amazon.com/config/latest/developerguide/update-dc.html

asked 16/09/2024
Jevgenij Žarikov
39 questions
Total 414 questions
Go to page: of 42
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You have two VPCs that you've peered. You created a route for VPC A to get to an instance in VPC. You are unable to ping the instance. You have double checked your security groups and NACLs. Why might this be?
In Amazon CloudFront, to link to your objects, if your domain name is d111111abcdef8.cloudfront.net and your object is image.jpg, then the URL for the link in your webpage will be _____.
Which of these modes is not a configuration mode for a WAF?
Your organization runs a popular e-commerce application deployed on AWS that uses auto scaling in conjunction with an Elastic Load balancing (ELB) service with an HTTPS listener. Your security team reports that an exploitable vulnerability has been discovered in the encryption protocol and cipher that your site uses. Which step should you take to fix this problem?
You are configuring multiple Direct Connect links for your organization and need them to be in an HA Active/Passive configuration with extreme sensitivity to outages in order to encourage very quick failover times. You also need to be able to control which link is active. What two configuration changes should you implement? (Choose two.)
You have deployed a website that utilizes CloudFront, Elastic Loadbalancer, and S3 to serve content. When users access your site, they receive a "mixed content" security warning. What is most likely the problem?
Which service would you use to see who changed your infrastructure?
A company is building a hybrid PCI-DSS compliant application that runs in the us-west-2 Region and on-premises. The application sends access logs from all locations to a single Amazon S3 bucket in uswest-2. To protect this sensitive data, the bucket policy is configured to deny access from public IP addresses. How should an engineer configure the network to meet these requirements?
An organization has multiple applications running in VPCs across multiple AWS accounts. The network engineer has deployed a central VPC with a pair of software VPN instances that run IPSec tunnels with dynamic routing to VGWs of all application VPCs. This central VPC is connected to on-premises resources via a Direct Connect connection using a private VIF. What additional configuration is required to enable the applications in VPCs to communicate with each other and access onpremises resources?
Under increased cybersecurity concerns, a company is deploying a near real-time intrusion detection system (IDS) solution. A system must be put in place as soon as possible. The architecture consists of many AWS accounts, and all results must be delivered to a central location. Which solution will meet this requirement, while minimizing downtime and costs?