You currently use a single security group assigned to all nodes in a clustered NoSQL database. Only your cluster members in one region must be able to connect to each other. This security group uses a self-referencing rule using the cluster security group's group-id to make it easier to add or remove nodes from the cluster. You need to make this database comply with out-of-region disaster recovery requirements and ensure that the network traffic between the nodes is encrypted when travelling between regions. How should you enable secure cluster communication while deploying additional cluster members in another AWS region?
A. Create an IPsec VPN between AWS regions, use private IP addresses to route traffic, and create cluster security group rules that reference each other's security group-id in each region.To determine whether a log file was modified, deleted, or unchanged after CloudTrail delivered it, you can use ____.
A. trusted signersA Lambda function needs to access the private address of an Amazon ElastiCache cluster in a VPC. The Lambda function also needs to write messages to Amazon SQS. The Lambda function has been configured to run in a subnet in the VPC.
Which of the following actions meet the requirements? (Choose two.)
A. The Lambda function needs an IAM role to access Amazon SQSA company wants to use thin clients running virtual desktops to replace 500 desktop computers used by its call center employees. The company is evaluating Amazon WorkSpaces as a solution.
A network engineer who is testing with a thin client is unable to connect to Amazon WorkSpaces. After entering credentials, the network engineer receives the following error:
"An error occurred while launching your WorkSpace. Please try again."
What should the network engineer do to resolve this issue?
A. Update the inbound rules on the network ACL on the subnets used for Amazon WorkSpaces to allow UDP on port 4172 and TCP on port 4172.Your company is expanding its cloud infrastructure and moving many of its flat files and static assets to S3. You currently use a VPN to access your compute infrastructure, but you require more reliability for your static files as you are offloading all of your important data to AWS. What is your best course of action while keeping costs low?
A. Create a Direct Connect connection using a Private VIF to access both compute and S3 resources.Within the TCP/IP model what is the name of the Packet Data Unit (PDU) used between Transport Layers for communication between sender and receiver
A. FramesYou have a data center with a 2 connection LAG. You wish to add 2 more connections, how many LOAs must you complete?
A. 2Your company currently has a LAG to AWS with two 1Gbps connections. What is the best way to increase throughput on this LAG?
A. Add three 1Gbps connections to the LAG.How many tunnels do you get with each VPN connection hosted by AWS?
A. 4In AWS Direct Connect, to provide for failover, AWS recommends that you request and configure two dedicated connections to AWS. These connections can terminate on one or two routers in your network. You can do this while __________________ with AWS Direct Connect step.
A. creating a Virtual InterfaceNowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ANS-C00 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.