1. Home
  2. Amazon
  3. ANS-C00

AWS Certified Advanced Networking - Specialty (ANS-C00)

Exam Details

  • Exam Code
    :ANS-C00
  • Exam Name
    :AWS Certified Advanced Networking - Specialty (ANS-C00)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :414 Q&As
  • Last Updated
    :Apr 25, 2025

Amazon Amazon Certifications ANS-C00 Questions & Answers

  • Question 181:

    Your customer's internal security teams receive requests to allow Amazon S3 access from inside the corporate network. All external traffic must be explicitly whitelisted through your corporate firewalls.

    How can your security team grant this access?

    A. Obtain the list of IP prefixes from AWS Forum announcements, and use those prefixes in firewall rules.

    B. Obtain the list of IP prefixes from ip-ranges.json, and use those prefixes in firewall rules.

    C. Obtain the list of IP prefixes by performing a DNS lookup on Amazon S3 endpoints, and use those prefixes in firewall rules.

    D. Connect your data center to a VPC via Direct Connect. Create routes that forward traffic from your data center to an S3 private endpoint.

  • Question 182:

    You are architecting an HPC solution in AWS. The system consists of a cluster of EC2 instances that require low-latency communications between them.

    Which method should you use to set up a cluster to meet these requirements?

    A. Create a VPC with one subnet in a single Availability Zone. Keep the size of the subnet equal to the number of instances required in the cluster. Launch instances for the cluster in this small subnet to guarantee low-latency network performance.

    B. Create a placement group. Choose an EC2 instance type compatible with placement groups for the cluster. Launch instances for the cluster in the placement group.

    C. Launch Amazon EC2 instances with the largest available number of cores and RAM. Attach all instances to an Amazon EBS PIOPS volume. Implement a shared memory system across all instances in the cluster, using this shared EBS volume to minimize latency of communication.

    D. Choose an EC2 instance type that offers enhanced networking. Attach a 10-Gbps non-blocking elastic network interface to the instances. Configure the elastic network interface to optimize network performance to reduce latency.

  • Question 183:

    Which service would you use to see CPU usage?

    A. CloudTrail

    B. Config

    C. CloudWatch

    D. None of the above

  • Question 184:

    Your on-premises network has an IP address range of 11.11.0.0/16. Only IPs within this network range can be used for inter-server communication. The IP address range 11.11.253.0/24 has been allocated for the cloud.

    You need to design a VPC in AWS. The servers within the VPC should be able to communicate with hosts both on the Internet and on-premises through a VPN connection.

    What combination of configuration steps meets your needs? (Choose two)

    A. Set up the VPC with an IP address range of 11.11.253.0/24.

    B. Set up the VPC with an RFC 1918 private IP address range (e.g., 10.10.10.0/24), and set up a NAT gateway to do translation between 10.10.10.0/24 and 11.11.253.0/24 for all outbound traffic.

    C. Set up a VPN connection between a VGW and an on-premises router, set the VGW as the default gateway for all traffic, and configure the on-premises router to forward traffic to the Internet.

    D. Set up a VPN connection between a VGW and an on-premises router, set the VGW as the default gateway for traffic destined to 11.11.0.0/24, and add a VPC subnet route to point the default gateway to

    an Internet gateway for Internet traffic.

    E. Set up the VPC with an RFC 1918 private IP address range (e.g., 10.10.10.0/24), and set the VGW to do a source IP translation of all outbound packets to 11.11.0.0/16.

  • Question 185:

    Which service would you use to see who changed your infrastructure?

    A. Config

    B. CloudTrail

    C. Flow Logs

  • Question 186:

    Which of these metrics cannot help detect a DDoS?

    A. EC2 CPUUtilization

    B. ELB SurgeQueueLength

    C. EMR EMRspersecond

    D. CloudFront Requests

  • Question 187:

    Which of these modes is not a configuration mode for a WAF?

    A. Block

    B. Allow

    C. Sleep

    D. Monitor

  • Question 188:

    Which two choices can serve as a directory service for WorkSpaces? (Choose two.)

    A. Simple AD

    B. Enhanced AD

    C. Direct Connection

    D. AWS Microsoft AD

  • Question 189:

    Which one of the following options is not true about WorkSpaces?

    A. WorkSpaces allows integration with Microsoft AD.

    B. WorkSpaces is great for running Linux applications.

    C. WorkSpaces is a fully managed, secure desktop computing service.

    D. WorkSpaces can query on-premises domains for authentication.

  • Question 190:

    What statement about LAGs is incorrect?

    A. If you create a new connection, you will have to fill out another LOA-CFA.

    B. You can pool connections with multiple speeds to create one faster speed.

    C. You will receive 1 LOA-CFA with a page for each connection.

    D. All connections in the LAG must terminate at the same DX endpoint.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ANS-C00 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.