Amazon ANS-C00 Online Practice Questions and Exam Preparation

Amazon ANS-C00 Online Questions & Answers

• Question 351:

  A company has a hybrid IT architecture with two AWS Direct Connect connections to provide high availability. The services hosted on-premises are accessible using public IPs, and are also on the 172.16.0.0/16 range. The AWS resources are on the 192.168.0.0/18 range. The company wants to use Amazon Elastic Load Balancing for SSL offloading, health checks, and sticky sessions.

  What should be done to meet these requirements?

  A. Create a Network Load Balancer pointing to the on-premises server's private IP address.
  B. Create an Amazon CloudFront distribution for the on-premises service and use the public IPs of the on-premises servers as the origin.
  C. Create a Network Load Balancer pointing to the on-premises server's public IP address.
  D. Create an Application Load Balancer pointing to the on-premises server's private IP address.
  A. Create a Network Load Balancer pointing to the on-premises server's private IP address.

• Question 352:

  A company deployed its production Amazon VPC using CIDR block 33.16.0.0/16. The company has nearly depleted its addresses and now needs to extend the VPC network. Which CIDR blocks meet the company's requirement to extend the VPC network with a secondary CIDR? (Choose two.)

  A. 33.17.0.0/16
  B. 172.16.0.0/18
  C. 100.70.0.0/17
  D. 192.168.1.0/24
  E. 10.0.0.0/8
  A. 33.17.0.0/16
  C. 100.70.0.0/17

• Question 353:

  In the context of CloudFront RTMP Distribution, the Adobe Flash Media Server _________ file specifies which domains can access media files in a particular domain.

  A. accessdomain.JSON
  B. crossdomain.xml
  C. accessdomain.xml
  D. crossdomain.JSON
  B. crossdomain.xml

• Question 354:

  A company has a hybrid environment across its on-premises network and the AWS Cloud. The company wants to use Amazon Elastic File System (Amazon EFS) to store and share data between on-premises services that are required to resolve DNS queries through on-premises DNS servers. The company wants to use a custom domain name to connect to Amazon EFS. The company also wants to avoid using the Amazon EFS target IP address.

  What should a network engineer do to meet these requirements?

  A. Create an Amazon Route 53 Resolver outbound endpoint, and configure it for the VPC where Amazon EFS resides. Create a Route 53 public hosted zone, and add a new CNAME record with the value of the Amazon EFS DNS name. Configure forwarding rules on the on-premises DNS servers to forward queries for the custom domain host to the Route 53 public hosted zone.
  B. Create an Amazon Route 53 Resolver inbound endpoint, and configure it for the VPC where Amazon EFS resides. Create a Route 53 private hosted zone, and add a new CNAME record with the value of the Amazon EFS DNS name. Configure forwarding rules on the on-premises DNS servers to forward queries for the custom domain host to the Route 53 Resolver.
  C. Create an Amazon Route 53 Resolver outbound endpoint, and configure it for the VPC where Amazon EFS resides. Create a Route 53 private hosted zone, and add a new CNAME record with the value of the Amazon EFS DNS name. Configure forwarding rules on the on-premises DNS servers to forward queries for the custom domain host to the Route 53 Resolver.
  D. Create an Amazon Route 53 Resolver inbound endpoint, and configure it for the VPC where Amazon EFS resides. Create a Route 53 private hosted zone, and add a new PTR record with the value of the Amazon EFS DNS name. Configure forwarding rules on the on-premises DNS servers to forward queries for the custom domain host to the Route 53 private hosted zone.
  A. Create an Amazon Route 53 Resolver outbound endpoint, and configure it for the VPC where Amazon EFS resides. Create a Route 53 public hosted zone, and add a new CNAME record with the value of the Amazon EFS DNS name. Configure forwarding rules on the on-premises DNS servers to forward queries for the custom domain host to the Route 53 public hosted zone.

• Question 355:

  You are architecting an HPC solution in AWS. The system consists of a cluster of EC2 instances that require low-latency communications between them. Which method should you use to set up a cluster to meet these requirements?

  A. Create a VPC with one subnet in a single Availability Zone. Keep the size of the subnet equal to the number of instances required in the cluster. Launch instances for the cluster in this small subnet to guarantee low-latency network performance.
  B. Create a placement group. Choose an EC2 instance type compatible with placement groups for the cluster. Launch instances for the cluster in the placement group.
  C. Launch Amazon EC2 instances with the largest available number of cores and RAM. Attach all instances to an Amazon EBS PIOPS volume. Implement a shared memory system across all instances in the cluster, using this shared EBS volume to minimize latency of communication.
  D. Choose an EC2 instance type that offers enhanced networking. Attach a 10-Gbps non-blocking elastic network interface to the instances. Configure the elastic network interface to optimize network performance to reduce latency.
  B. Create a placement group. Choose an EC2 instance type compatible with placement groups for the cluster. Launch instances for the cluster in the placement group.

• Question 356:

  You have just peered two VPCs, and you need to improve performance for instances you plan on deploying. What are two steps you would take to do this? (Choose two.)

  A. Create two subnets in the same AZ and create a placement group.
  B. Set the MTU of your instances to 1500.
  C. Create two subnets in different AZs and create a placement group.
  D. Ensure you choose instances that use enhanced networking.
  A. Create two subnets in the same AZ and create a placement group.
  D. Ensure you choose instances that use enhanced networking.

• Question 357:

  Your company has set up AWS Direct Connect to connect on-premises to an Amazon VPC instance. Two Direct Connect connections terminate at two different Direct Connect locations. You are using two routers, R1 and R2, at your end (one of each Direct Connect connection). R1 and R2 do NOT have connectivity between them. Both routers advertise the same routers over BGP to the VGW. You have a stateful firewall on each router. The routers drop some of the traffic coming from the VPC.

  Which two actions should you take to fix this problem? (Choose two.)

  A. Use BGP AS prepend attribute to prepend additional AS numbers while advertising routers from R1 to VGW.
  B. Use BGP local preference attribute to assign R1 to a lower local preference number than R2.
  C. Use BGP local preference attribute to assign R1 a higher local preference number than R2.
  D. Use BGP MED attribute to assign a higher MED value to the routes advertised R1 to VGW.
  E. Use BGP MED attribute to assign a higher MED value to the routes advertised from R2 to VGW.
  A. Use BGP AS prepend attribute to prepend additional AS numbers while advertising routers from R1 to VGW.
  C. Use BGP local preference attribute to assign R1 a higher local preference number than R2.

• Question 358:

  You are designing the network infrastructure for an application server in Amazon VPC. Users will access all the application instances from the Internet and from an on-premises network. The on-premises network is connected to your VPC over an AWS Direct Connect link.

  How should you design routing to meet these requirements?

  A. Configure a single routing table with two default routes: one to the Internet via an IGW, the other to the on-premises network via the VGW. Use this routing table across all subnets in your VPC.
  B. Configure two routing tables: one that has a default route via the IGW, and another that has a default route via the VGW. Associate both routing tables with each VPC subnet.
  C. Configure a single routing table with a default route via the IGW. Propagate a default route via BGP on the AWS Direct Connect customer router. Associate the routing table with all VPC subnet.
  D. Configure a single routing table with a default route via the IGW. Propagate specific routes for the on-premises networks via BGP on the AWS Direct Connect customer router. Associate the routing table with all VPC subnets.
  D. Configure a single routing table with a default route via the IGW. Propagate specific routes for the on-premises networks via BGP on the AWS Direct Connect customer router. Associate the routing table with all VPC subnets.

• Question 359:

  You can use the ____ command of the AWS Config service CLI to see the compliance state of each of your rules.

  A. get-compliance-details-by-resource
  B. describe-compliance-by-config-rule
  C. get-compliance-details-by-config-rule
  D. describe-compliance-by-resource
  B. describe-compliance-by-config-rule

• Question 360:

  You need to create a baseline of normal traffic flow in order to implement some security changes to your organization. What two items would be best to use? (Choose two.)

  A. Wireshark
  B. CloudTrail
  C. An IDS
  D. CloudWatch
  A. Wireshark
  D. CloudWatch