1. Home
  2. Amazon
  3. ANS-C00

Amazon ANS-C00 Online Practice Questions and Exam Preparation

ANS-C00 Exam Details

  • Exam Code
    :ANS-C00
  • Exam Name
    :AWS Certified Advanced Networking - Specialty (ANS-C00)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :414 Q&As
  • Last Updated
    :May 30, 2026

Amazon ANS-C00 Online Questions & Answers

  • Question 101:

    Which of these addresses cannot be given to an EC2 instance in your VPC?

    A. 10.0.0.157
    B. 10.0.0.3
    C. 10.0.0.4
    D. 10.0.0.253

  • Question 102:

    The IPsec protocol suite is made up of various components covering aspects such as confidentiality, encryption, and integrity. Select the correct statement below regarding the correct configuration options for ensure IPsec confidentiality:

    A. The following protocols may be used to configure IPsec confidentiality, DES, 3DES, MD5
    B. The following protocols may be used to configure IPsec confidentiality, DES, 3DES, AES
    C. The following protocols may be used to configure IPsec confidentiality, PSK, RSA
    D. The following protocols may be used to configure IPsec confidentiality, PSK, MD5
    E. The following protocols may be used to configure IPsec confidentiality, PSK, RSA

  • Question 103:

    Your organization requires strict adherence to a change control process for its Amazon Elastic Compute Cloud (EC2) and VPC environments. The organization uses AWS CloudFormation as the AWS service to control and implement changes. Which combination of three services provides an alert for changes made outside of AWS CloudFormation? (Choose three.)

    A. AWS Config
    B. AWS Simple Notification Service
    C. AWS CloudWatch metrics
    D. AWS Lambda
    E. AWS CloudFormation
    F. AWS Identify and Access Management

  • Question 104:

    A manufacturing company has a hybrid environment that includes an AWS Direct Connect gateway that is associated with an AWS Transit Gateway The company wants to extend a third-party application that is hosted in its on-premises data center into one of its VPCs.

    The application vendor has stated that It must use an overlay IP address to meet the company's requirement for high availability. The DHCP administrator has assigned a non-overlapping RFC1918 private address for use as the overlay IP address The security team requires connectivity to remain private.

    Which solution meets these requirements with the LEAST management overhead?

    A. Create a layer 2 VPN across a public VIF by using a software-based VPN on a pair of Amazon EC2 instances Use BGP to advertise the routes over the VPN.
    B. Create a transit VIF with automatically propagated routes in the transit gateway route table Create a new subnet in the VPC for the overlay IP address, and propagate the route to the VPC route table. Update the route tables on premises as needed.
    C. Create an external Network Load Balancer by using Amazon Route 53 to create records that point to the target application's overlay IP address. Create static entries in the VPC route table.
    D. Create a transit VIF Then create static routes in the transit gateway route table to point to the VPC that contains the overlay IP address Create static routes in the VPC route table that point to the transit gateway Update the route tables on premises as needed.

  • Question 105:

    Your organization leverages an IP Address Management (IPAM) product to manage IP address distribution. The IPAM exposes an API. Development teams use CloudFormation to provision approved reference architectures. At deployment time, IP addresses must be allocated to the VPC. When the VPC is deleted, the IPAM must reclaim the VPC's IP allocation.

    Which method allows for efficient, automated integration of the IPAM with CloudFormation?

    A. AWS CloudFormation parameters using the "Ref::" intrinsic function
    B. AWS CloudFormation custom resource using an AWS Lambda invocation.
    C. CloudFormation::OpsWorks::Stack with custom Chef configuration.
    D. AWS CloudFormation parameters using the "Fn::FindInMap" intrinsic function.

  • Question 106:

    An organization has three AWS accounts with each containing VPCs in Virginia, Canada and the Sydney regions. The organization wants to determine whether all available Elastic IP addresses (EIPs) in these accounts are attached to Amazon EC2 instances or in use elastic network interfaces (ENIs) in all of the specified regions for compliance and cost-optimization purposes.

    Which of the following meets the requirements with the LEAST management overhead?

    A. Use an Amazon CloudWatch Events rule to schedule an AWS Lambda function in each account in all three regions to find the unattached and unused EIPs.
    B. Use a CloudWatch event bus to schedule Lambda functions in each account in all three regions to find the unattached and unused EIPs.
    C. Add an AWS managed, EIP-attached AWS Config rule in each region in all three accounts to find unattached and unused EIPs.
    D. Use AWS CloudFormation StackSets to deploy an AWS Config EIP-attached rule in all accounts and regions to find the unattached and unused EIPs.

  • Question 107:

    A user is running a batch process on EBS backed EC2 instances. The batch process launches few EC2 instances to process hadoop Map reduce jobs which can run between 50-600 minutes or sometimes for even more time. The user wants a configuration that can terminate the instance only when the process is completed. How can the user configure this with CloudWatch?

    A. Configure a job which terminates all instances after 600 minutes
    B. It is not possible to terminate instances automatically
    C. Set up the CloudWatch with Auto Scaling to terminate all the instances
    D. Configure the CloudWatch action to terminate the instance when the CPU utilization falls below 5%

  • Question 108:

    A user is trying to understand the detailed CloudWatch monitoring concept. Which of the below mentioned services does not provide detailed monitoring with CloudWatch?

    A. AWS Route53
    B. AWS EMR
    C. AWS ELB
    D. AWS RDS

  • Question 109:

    A customer has set up multiple VPCs for Dev, Test, Prod, and Management. You need to set up AWS Direct Connect to enable data flow from on-premises to each VPC. The customer has monitoring software running in the Management

    VPC that collects metrics from the instances in all the other VPCs. Due to budget requirements, data transfer charges should be kept at minimum.

    Which design should be recommended?

    A. Create a total of four private VIFs, one for each VPC owned by the customer, and route traffic between VPCs using the Direct Connect link.
    B. Create a private VIF to the Management VPC, and peer this VPC to all other VPCs.
    C. Create a private VIF to the Management VPC, and peer this VPC to all other VPCs, enable source/destination NAT in the Management VPC.
    D. Create a total of four private VIFs, and enable VPC peering between all VPCs.

  • Question 110:

    Your company has decided to deploy AWS WorkSpaces for its hosted desktop solution. Your manager is very concerned with security and cost, as well as reliability. What two things should be deployed? (Choose two.)

    A. VPN
    B. AWS Hosted AD
    C. Direct Connect
    D. AD Connector

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ANS-C00 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.