1. Home
  2. Amazon
  3. ANS-C00

Amazon ANS-C00 Online Practice Questions and Exam Preparation

ANS-C00 Exam Details

  • Exam Code
    :ANS-C00
  • Exam Name
    :AWS Certified Advanced Networking - Specialty (ANS-C00)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :414 Q&As
  • Last Updated
    :May 30, 2026

Amazon ANS-C00 Online Questions & Answers

  • Question 371:

    Your application server instances reside in the private subnet of your VPC. These instances need to access a Git repository on the Internet. You create a NAT gateway in the public subnet of your VPC. The NAT gateway can reach the Git repository, but instances in the private subnet cannot. You confirm that a default route in the private subnet route table points to the NAT gateway. The security group for your application server instances permits all traffic to the NAT gateway.

    What configuration change should you make to ensure that these instances can reach the patch server?

    A. Assign public IP addresses to the instances and route 0.0.0.0/0 to the Internet gateway.
    B. Configure an outbound rule on the application server instance security group for the Git repository.
    C. Configure inbound network access control lists (network ACLs) to allow traffic from the Git repository to the public subnet.
    D. Configure an inbound rule on the application server instance security group for the Git repository.

  • Question 372:

    A company that provides a RESTful API is designing a network architecture for deployment to the AWS Cloud. The company needs a scalable design that is cost-optimized and secure. The company is conducting pre-release testing with

    some of its customers, but the company expects to expand to several hundred customers when the final version is released.

    The data that is exchanged through the API is confidential. All data must be exchanged on private IP addresses that are not accessible through the internet. All customers who use the API operate on AWS in VPCs.

    What should the company do with its architecture to meet these requirements?

    A. Use a Network Load Balancer (NLB) as the front end to the API. Use a transit VPC with VPC peering to each customer's VPC.
    B. Use AWS PrivateLink endpoints in customer VPCs as the front end for an AWS Fargate containers deployment with auto scaling enabled.
    C. Use an Amazon API Gateway API with a regional API endpoint as the front end for all API interactions that invoke AWS Lambda functions.
    D. Use an Amazon API Gateway API with an edge-optimized API endpoint as the front end for all API interactions that invoke AWS Lambda functions.

  • Question 373:

    You are deploying an EC2 instance in a private subnet that requires access to the Internet. One of the requirements for this solution is to restrict access to only particular URLs on a whitelist. In addition to the whitelisted URLs, the instances

    should be able to access any Amazon S3 bucket in the same region via any URL.

    Which of the following solutions should you deploy? (Choose two.)

    A. Include s3.amazonaws.com in the whitelist.
    B. Create a VPC endpoint for S3.
    C. Run Squid proxy on a NAT instance.
    D. Deploy a NAT gateway into your VPC.
    E. Utilize a security group to restrict access.

  • Question 374:

    You are a network engineer at a company that just purchased a DX connection. You ensured your equipment met all of the technical requirements, you have verified with your AWS account manager and your colocation provider that everything is connected, and all of your information is correct. For some reason, the link does not operate correctly.

    What could be the problem?

    A. The CAT6 cable is frayed.
    B. Autonegotiation is enabled.
    C. You are using 802.1q VLANs instead of 802.1w.
    D. BFD is disabled.

  • Question 375:

    A company has two on-premises data center locations. There is a company-managed router at earn data center. Each data center has a dedicated AWS Direct Connect connection to a Direct Connect gateway through a private virtual interface The router for the first location is advertising 110 routes to the Direct Connect gateway by using BGP and the router tor the second location is advertising 60 routes to the Direct Connect gateway by using BGP The Direct Connect gateway is attached to a company VPC through a virtual private gateway.

    A network engineer receives reports that resources In the VPC are not reachable from various locations in either data center. The network engineer checks the VPC route table and sees that the routes from the first data center. location are not being populated into the route table The network engineer must resolve this issue in the most operationally efficient manner.

    What should the network engineer do to meet these requirements?

    A. Remove the Direct Connect gateway, and create a new private virtual interface from each company router to the virtual private gateway of the VPC.
    B. Change the router configurations to summarize the advertised routes.
    C. Open a support ticket to increase the quota on advertised routes to the VPC route table.
    D. Create an AWS Transit Gateway Attach the transit gateway to the VPC and connect the Direct Connect gateway to the transit gateway.

  • Question 376:

    You are configuring a virtual interface for access to your VPC on a newly provisioned 1-Gbps AWS Direct Connect connection. Which two configuration values do you need to provide? (Choose two.)

    A. Public AS number
    B. VLAN ID
    C. IP prefixes to advertise
    D. Direct Connect location
    E. Virtual private gateway

  • Question 377:

    For web distributions in Amazon CloudFront, your origin can be either an Amazon S3 bucket or _______ .

    A. a DNS server
    B. a proxy server
    C. an FTP server
    D. an HTTP server

  • Question 378:

    What number does the binary number 10101000 correspond to?

    A. 168
    B. 128
    C. 192
    D. 160

  • Question 379:

    Which other AWS service is used to track `Related Events' within the Configuration Item?

    A. AWS WAF
    B. SQS
    C. AWS CloudTrail
    D. S3

  • Question 380:

    You have a Simple AD deployment, and you wish to use it for your Microsoft Exchange email server. You are having issues finding the AD server, why might this be?

    A. You need to contact AWS to receive a PTR record for your email server.
    B. Your firewall is blocking it.
    C. Simple AD is not a full Active Directory server and will not work with many MS products.
    D. SSL is not implemented.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ANS-C00 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.