1. Home
  2. Amazon
  3. ANS-C00

Amazon ANS-C00 Online Practice Questions and Exam Preparation

ANS-C00 Exam Details

  • Exam Code
    :ANS-C00
  • Exam Name
    :AWS Certified Advanced Networking - Specialty (ANS-C00)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :414 Q&As
  • Last Updated
    :Jan 06, 2026

Amazon ANS-C00 Online Questions & Answers

  • Question 1:

    You are the AWS cloud architect and have been tasked with designing an appropriate subnetting design for your production VPC. Your production VPC requires secure communications back to the corporate private network. Quality of

    Service

    cloud. Any potential latency incurred on this connection will have a direct impact on the company's ability to attract investors and expansion into new markets.

    Select the correct network configuration that best facilitates your company's continued growth plans.

    A. Provision a Direct Connect connection - between your service provider's data center and the AWS region that your cloud compute resources exist in. Configure just a Private Virtual Interface. As this is a Direct Connection, a Virtual Private Gateway is not required
    B. Configure a site-to-site layer 2 software router using OpenVPN within your VPC and ensure that QoS enabled - this is a secure and cheap option
    C. Configure a site-to-site layer 3 software router using OpenVPN within your VPC and ensure that QoS enabled - this is a secure and cheap option
    D. Provision a Direct Connect connection - between your existing service provider's data center and the AWS region that your cloud compute resources exist in. Configure a Virtual Private Gateway and Private Virtual Interface

  • Question 2:

    Select the answer/s that correctly state how Jumbo Frames work

    A. Jumbo Frames assist with application disk storage
    B. Jumbo Frames can assist with application performance
    C. Jumbo Frames are supported across Virtual Private Gateway connections
    D. Jumbo Frames are enabled by increasing the MTU size to 9000 kilobytes

  • Question 3:

    Select the VPC Peering statement below that is NOT true

    A. VPC peering supports transitive peering relationships for IPv6 traffic but not IPv4
    B. VPC peering can be performed between VPCs in different AWS accounts in the same region
    C. TCP connections can be performed between peered VPCs
    D. UDP connections can be performed between peered VPCs

  • Question 4:

    You have just provisioned a new VPC a with a CIDR block of 172.16.12.0/24. The entire CIDR block is fully utilized by subdividing it into 6 subnets, we will refer to these as Subnet1 through to Subnet6. The first 2 subnets (Subnet1 and Subnet2) are the same size. The last 4 subnets (Subnet3, Subnet4, Subnet5, Subnet6) are also the same size. Subnet5 is half the size of Subnet2. The address space as occupied by the first two subnets is contiguous, as is the address space occupied by the last 4 subnets. Within Subnet3 AWS reserves the address 172.16.12.129 for the VPC router.

    Select the correct IP address reserved by AWS for DNS in the Subnet2.

    A. 172.16.64.1
    B. 172.16.64.65
    C. 172.16.12.66
    D. 172.16.12.64

  • Question 5:

    From the following options, select the answer that correctly describes the implementation of the HTTP protocol

    A. By definition, HTTP is a connection-less oriented protocol and therefore utilises TCP
    B. By definition, HTTP is a connection orientated protocol and therefore utilises TCP
    C. By definition, HTTP is a connection-less oriented protocol and therefore utilises UDP
    D. By definition, HTTP can be configured to be either connection or connection-less oriented - by specifying the appropriate HTTP header.

  • Question 6:

    Considering your knowledge of both the OSI and TCP/IP models - select the following statement which you consider to NOT be true.

    A. The TCP/IP Application layer maps to 2 of the OSI Layers
    B. The top layer in the OSI model is named the Application layer
    C. The TCP/IP Application layer maps to 3 of the OSI Layers
    D. The top layer in the TCP/IP model is named the Application layer

  • Question 7:

    Your application server instances reside in the private subnet of your VPC. These instances need to access a Git repository on the Internet. You create a NAT gateway in the public subnet of your VPC. The NAT gateway can reach the Git repository, but instances in the private subnet cannot. You confirm that a default route in the private subnet route table points to the NAT gateway. The security group for your application server instances permits all traffic to the NAT gateway.

    What configuration change should you make to ensure that these instances can reach the patch server?

    A. Assign public IP addresses to the instances and route 0.0.0.0/0 to the Internet gateway.
    B. Configure an outbound rule on the application server instance security group for the Git repository.
    C. Configure inbound network access control lists (network ACLs) to allow traffic from the Git repository to the public subnet.
    D. Configure an inbound rule on the application server instance security group for the Git repository.

  • Question 8:

    Your customer's internal security teams receive requests to allow Amazon S3 access from inside the corporate network. All external traffic must be explicitly whitelisted through your corporate firewalls. How can your security team grant this access?

    A. Obtain the list of IP prefixes from AWS Forum announcements, and use those prefixes in firewall rules.
    B. Obtain the list of IP prefixes from ip-ranges.json, and use those prefixes in firewall rules.
    C. Obtain the list of IP prefixes by performing a DNS lookup on Amazon S3 endpoints, and use those prefixes in firewall rules.
    D. Connect your data center to a VPC via Direct Connect. Create routes that forward traffic from your data center to an S3 private endpoint.

  • Question 9:

    You are architecting an HPC solution in AWS. The system consists of a cluster of EC2 instances that require low-latency communications between them. Which method should you use to set up a cluster to meet these requirements?

    A. Create a VPC with one subnet in a single Availability Zone. Keep the size of the subnet equal to the number of instances required in the cluster. Launch instances for the cluster in this small subnet to guarantee low-latency network performance.
    B. Create a placement group. Choose an EC2 instance type compatible with placement groups for the cluster. Launch instances for the cluster in the placement group.
    C. Launch Amazon EC2 instances with the largest available number of cores and RAM. Attach all instances to an Amazon EBS PIOPS volume. Implement a shared memory system across all instances in the cluster, using this shared EBS volume to minimize latency of communication.
    D. Choose an EC2 instance type that offers enhanced networking. Attach a 10-Gbps non-blocking elastic network interface to the instances. Configure the elastic network interface to optimize network performance to reduce latency.

  • Question 10:

    Your on-premises network has an IP address range of 11.11.0.0/16. Only IPs within this network range can be used for inter-server communication. The IP address range 11.11.253.0/24 has been allocated for the cloud.

    You need to design a VPC in AWS. The servers within the VPC should be able to communicate with hosts both on the Internet and on-premises through a VPN connection.

    What combination of configuration steps meets your needs? (Choose two)

    A. Set up the VPC with an IP address range of 11.11.253.0/24.
    B. Set up the VPC with an RFC 1918 private IP address range (e.g., 10.10.10.0/24), and set up a NAT gateway to do translation between 10.10.10.0/24 and 11.11.253.0/24 for all outbound traffic.
    C. Set up a VPN connection between a VGW and an on-premises router, set the VGW as the default gateway for all traffic, and configure the on-premises router to forward traffic to the Internet.
    D. Set up a VPN connection between a VGW and an on-premises router, set the VGW as the default gateway for traffic destined to 11.11.0.0/24, and add a VPC subnet route to point the default gateway to an Internet gateway for Internet traffic.
    E. Set up the VPC with an RFC 1918 private IP address range (e.g., 10.10.10.0/24), and set the VGW to do a source IP translation of all outbound packets to 11.11.0.0/16.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ANS-C00 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.