Free AWS-Certified-Advanced-Networking-Specialty Exam Braindumps (page: 11)

Page 11 of 102

Your company maintains an Amazon Route 53 private hosted zone. DNS resolution is restricted to a single, pre-existing VPC. For a new application deployment, you create an additional VPC in the same AWS account.

Both this new VPC and your on-premises DNS infrastructure must resolve records in the existing private hosted zone.

Which two activities are required to enable DNS resolution both within the new VPC and from the on-premises infrastructure? (Choose two.)

  1. Update the DHCP options set for the new VPC with the Route 53 nameserver IP addresses.
  2. Update the Route 53 private hosted zone’s VPC associations to include the new VPC.
  3. Launch Amazon EC2-based DNS proxies in the new VP Specify the proxies as forwarders in the on- premises DNS.
  4. Update the on-premises DNS to include forwarders to the Route 53 nameserver IP addresses.
  5. Launch Amazon EC2-based DNS proxies in the new VPC. Specify the proxies in the DHCP options set.

Answer(s): A,B



A department in your company has created a new account that is not part of the organization’s consolidated billing family. The department has also created a VPC for its workload. Access is restricted by network access control lists to the department’s on-premises private IP allocation. An AWS Direct Connect private virtual interface for this VPC advertises a default route to the company network. When the department downloads data from an Amazon Elastic Compute Cloud(EC2) instance in its new VPC, what are the associated charges?

  1. The company pays Internet Data Out charges.
  2. The company pays AWS Direct Connect Data Out charges.
  3. The department pays Internet Data Out charges.
  4. The department pays AWS Direct Connect Data Out charges.

Answer(s): D



An organization will be extending its existing on-premises infrastructure into the cloud. The design consists of a transit VPC that contains stateful firewalls that will be deployed in a highly available configuration across two Availability Zones for automatic failover.
What MUST be configured for this design to work? (Choose two.)

  1. A different Autonomous System Number (ASN) for each firewall.
  2. Border Gateway Protocol (BGP) routing
  3. Autonomous system (AS) path prepending
  4. Static routing
  5. Equal-cost multi-path routing (ECMP)

Answer(s): B,E



A company is about to migrate an application from its on-premises data center to AWS. As part of the planning process, the following requirements involving DNS have been identified.

-On-premises systems must be able to resolve the entries in an Amazon Route 53 private hosted zone.
-Amazon EC2 instances running in the organization’s VPC must be able to resolve the DNS names of on- premises systems

The organization’s VPC uses the CIDR block 172.16.0.0/16.

Assuming that there is no DNS namespace overlap, how can these requirements be met?

  1. Change the DHCP options set for the VPC to use both the Amazon-provided DNS server and the on- premises DNS systems. Configure the on-premises DNS systems with a stub-zone, delegating the name server 172.16.0.2 as authoritative for the Route 53 private hosted zone.
  2. Deploy and configure a set of EC2 instances into the company VPC to act as DNS proxies. Configure the proxies to forward queries for the on-premises domain to the on-premises DNS systems, and forward all other queries to 172.16.0.2. Change the DHCP options set for the VPC to use the new DNS proxies. Configure the on-premises DNS systems with a stub-zone, delegating the name server 172.16.0.2 as authoritative for the Route 53 private hosted zone.
  3. Deploy and configure a set of EC2 instances into the company VPC to act as DNS proxies. Configure the proxies to forward queries for the on-premises domain to the on-premises DNS systems, and forward all other queries to the Amazon-provided DNS server (172.16.0.2). Change the DHCP options set for the VPC to use the new DNS proxies. Configure the on-premises DNS systems with a stub-zone, delegating the proxies as authoritative for the Route 53 private hosted zone.
  4. Change the DHCP options set for the VPC to use both the on-premises DNS systems. Configure the on- premises DNS systems with a stub-zone, delegating the Route 53 private hosted zone’s name servers as authoritative for the Route 53 private hosted zone.

Answer(s): C



Page 11 of 102



Post your Comments and Discuss Amazon AWS-Certified-Advanced-Networking-Specialty exam with other Community members:

Hello commented on September 04, 2024
awesome questions
Anonymous
upvote

Meenakshi commented on June 06, 2024
One of the best exam dumps site I have ever used. I have passed 3 of my exams with the help of this website.
INDIA
upvote