An AWS Config rule can be set to be evaluated if a certain set of resources undergoes a configuration change. The set of resources to which the rule applies can be restricted by the rule's ____, which can include a combination of a resource type and a resource ID, for example.
A. triggerA company has a VPC in the us-west-1 Region and another VPC in the ap-southeast-2 Region. Network engineers set up an AWS Direct Connect connection from their data center to the us-east-1 Region. They create a private virtual interface (VIF) that references a Direct Connect gateway, which is then connected to virtual private gateways in both VPCs. When the setup is complete, the engineers cannot access resources in us-west-1 from ap-southeast-2.
What should the network engineers do to resolve this issue?
A. Add the subnet range for the VPCs in us-west-1 and ap-southeast-2 to the route tables for both VPCs. Add the Direct Connect gateway as a target.What must be added to your web server configuration to view the true requesting IP address?
A. X-Actual-IPYou received reports from clients in another time zone that they experienced an outage of your website several hours before you arrived at work. What two AWS services could prove crucial in figuring out what happened? (Choose two.)
A. AWS SupportYou have several VPCs that are peered. Each VPC has several routes to different subnets. Over the years, your company has acquired many companies. You find that traffic destined for one VPC ends up going to another. What is the best way to remedy this?
A. Move the route table entry for the proper VPC higher in the list.When configuring Active/Passive HA on VPN tunnels, choose the two best ways to configure this. (Choose two.)
A. Keep both tunnels up.Due to security requirements, all traffic must be encrypted between your VPC and your on-premises data center. You also want to maintain reliability. What two options will allow you to achieve this? (Choose two.)
A. A Direct Connect connection with a Private VIFYour company is connecting one data center with one router to several VPCs and needs to access them transitively. What should you do?
A. Create a VPN to one VPC and peer the others.A department in your company has created a new account that is not part of the organization's consolidated billing family. The department has also created a VPC for its workload. Access is restricted by network access control lists to the department's on-premises private IP allocation. An AWS Direct Connect private virtual interface for this VPC advertises a default route to the company network. When the department downloads data from an Amazon Elastic Compute Cloud (EC2) instance in its new VPC, what are the associated charges?
A. The company pays Internet Data Out charges.Your website is under attack and a malicious party is stealing large amounts of data. You have default NACL rules. Stopping the attack is the ONLY priority in this case. Which two commands should you use? (Choose two.)
A. aws ec2 delete-network-acl-entry -network-acl-id acl-5fb84d47 -ingress -rule-number 32768Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ANS-C00 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.