You are responsible for several EC2 instances deployed from Amazon AMIs that are required to upload information to an S3 bucket. This information must not traverse the public internet. You must also be able to update the instances. Which option is your best solution?
A. An S3 endpoint and a NAT
B. An S3 endpoint
C. A VPN to the IP addresses specified in the AWS official S3 prefix list
D. A NACL with the AWS prefix list added to it and a VPN.
You have just deployed a website that utilizes CloudFront, ELB, and S3 to serve content. When users access your site, they are seeing broken image links. You know you configured CloudFront to use cdn.yourdomain.com. What is the most likely reason why your users not seeing the images?
A. There is no rule in your bucket policy allowing public access.
B. The images in S3 are saved as .png instead of .jpg.
C. There is no record in Route 53 pointing cdn.yourdomain.com to the ALIAS.
D. The users are using Internet Explorer.
Your AWS WorkSpaces users are unable to authenticate. What could be one reason for this?
A. Your AD server is running Windows Server 2016
B. Port 3389 is not open to your AD server.
C. Port 389 is not open to your AD server.
D. Your AD server is running Windows Server 2012 Core Edition.
Your company is connecting one data center with one router to several VPCs and needs to access them transitively. What should you do?
A. Create a VPN to one VPC and peer the others.
B. This is not possible.
C. Use a transit VPC with a VPN running on one or more EC2 instances to route traffic between the VPCs.
D. Just connect; VPCs are transitive in nature.
Your company just purchased a domain using another registrar and wants to use the same nameservers as your current domain hosted with AWS. How would this be achieved?
A. Every domain must have different nameservers.
B. In the API, create a Reusable Delegation Set.
C. Import the domain to your account and it will automatically set the same nameservers.
D. In the console, create a Reusable Delegation Set.
You have two VPCs that you need to connect to an on-premises datacenter using VPNs. When you create the tunnels, you find that both tunnels use the same addresses. What two things can you do to overcome this? (Choose two.)
A. Delete the VPN, create a "dummy VPN", recreate the VPN, then delete the "dummy" VPN.
B. Delete your AWS account and create a new one since the VPN tunnel addresses are created from a hash of your account number and a proprietary algorithm.
C. Create a VHF within you router for each network.
D. Create a VRF within your router for each network.
Your network utilizes jumbo frames on its servers and your router. You are trying to access your AWS resources, and you are having issues with packet loss. What is the best solution?
A. Remove the "Do not Fragment" flag on the packets.
B. Lower the MTU for your network.
C. Call AWS support.
D. You will have to upgrade to Direct Connect.
Your company has placement groups in two different availability zones. There is a large project coming up and, although resilience is important, cost and speed are the most important factors. The servers in each placement group need to be able to achieve the highest speed possible.
How can this be achieved?
A. Create AMIs from all of the instances, terminate them, and deploy them all into one placement group.
B. In the CLI, run the command "aws ec2 set-placement-group 1 " for all of the instances.
C. Duplicate the VPC, peer the new VPC, create AMIs of the instances, terminate them, and redeploy them in two separate placement groups between the two VPCs.
D. Peer the two placement groups using AWS PG Peering.
You have two enhanced networking capable instances in a placement group. One with an Intel network interface and one with an ENA.
What network speed will be achieved between the two?
A. 10Gbps
B. 20Gbps
C. 5Gbps
D. You cannot have different network interfaces in a placement group.
You have a DX connection and a VPN connection as backup for your 10.0.0.0/16 network. You just received a letter indicating that the colocation provider hosting the DX connection will be undergoing maintenance soon. It is critical that you do not experience any downtime or latency during this period.
What is the best course of action?
A. Configure the VPN as a static VPN instead of dynamic.
B. Configure AS_PATH Prepending on the DX connection to make it the less preferred path.
C. Advertise 10.0.0.0/9 and 10.128.0.0/9 over your VPN connection.
D. None of the above.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ANS-C00 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.