← Back to exam page

AWS-Certified-Advanced-Networking-Specialty-ANS-C00 AWS Certified Advanced Networking - Specialty (ANS-C00)

Loading demo links...

Showing 16–18 of 20 questions

Question 16

You have a DX connection and a VPN connection as backup for your 10.0.0.0/16 network. You just received a letter indicating that the colocation provider hosting the DX connection will be undergoing maintenance soon. It is critical that you do not experience any downtime or latency during this period.

What is the best course of action?

Select an option, then click Submit answer.

  • Configure the VPN as a static VPN instead of dynamic.

  • Configure AS_PATH Prepending on the DX connection to make it the less preferred path.

  • Advertise 10.0.0.0/9 and 10.128.0.0/9 over your VPN connection.

  • None of the above.
Question 17

Your organization uses a VPN to connect to your VPC but must upgrade to a 1-G AWS Direct Connect connection for stability and performance. Your telecommunications provider has provisioned the circuit from your data center to an AWS Direct Connect facility and needs information on how to cross-connect (e.g., which rack/port to connect).

What is the AWS-recommended procedure for providing this information?

Select an option, then click Submit answer.

  • Create a support ticket. Provide your AWS account number and telecommunications company’s name and where you need the Direct Connect connection to terminate.

  • Create a new connection through your AWS Management Console and wait for an email from AWS with information.

  • Ask your telecommunications provider to contact AWS through an AWS Partner Channel. Provide your AWS account number.

  • Contact an AWS Account Manager and provide your AWS account number, telecommunications company’s name, and where you need the Direct Connect connection to terminate.
Question 18

An organization wants to process sensitive information using the Amazon EMR service. The information is stored in on-premises databases. The output of processing will be encrypted using AWS KMS before it is uploaded to a customer-owned Amazon S3 bucket. The current configuration includes a VPS with public and private subnets, with VPN connectivity to the on-premises network. The security organization does not allow Amazon EC2 instances to run in the public subnet.

What is the MOST simple and secure architecture that will achieve the organization’s goal?

Select an option, then click Submit answer.

  • Use the existing VPC and configure Amazon EMR in a private subnet with an Amazon S3 endpoint.

  • Use the existing VPS and a NAT gateway, and configure Amazon EMR in a private subnet with an Amazon S3 endpoint.

  • Create a new VPS without an IGW and configure the VPN and Amazon EMR in a private subnet with an Amazon S3 endpoint.

  • Create a new VPS without an IGW and configure the VPN and Amazon EMR in a private subnet with an Amazon S3 endpoint and a NAT gateway.