Free AWS-Certified-Advanced-Networking-Specialty Exam Braindumps (page: 18)

Page 18 of 102

DNS name resolution must be provided for services in the following four zones:

The contents of these zones are not considered sensitive; however, the zones only need to be used by services hosted in these VPCs, one per geographic region. Each VPC should resolve the names in all zones.

How can you use Amazon Route 53 to meet these requirements?

  1. Create a Route 53 Private Hosted Zone for each of the four zones and associate them with the three VPCs.
  2. Create a single Route 53 Private Hosted Zone for the zone company.private. and associate it with the three VPCs.
  3. Create a Route 53 Public Hosted Zone for each of the four zones and configure the VPC DNS Resolver to forward
  4. Create a single Route 53 Public Hosted Zone for the zone company.private. and configure the VPC DNS Resolver to forward

Answer(s): D



An organization is replacing a tape backup system with a storage gateway. There is currently no connectivity to AWS. Initial testing is needed. What connection option should the organization use to get up and running at minimal cost?

  1. Use an internet connection.
  2. Set up an AWS VPN connection.
  3. Provision an AWS Direct Connect private virtual interface.
  4. Provision a Direct Connect public virtual interface.

Answer(s): A



All IP addresses within a 10.0.0.0/16 VPC are fully utilized with application servers across two Availability Zones. The application servers need to send frequent UDP probes to a single central authentication server on the Internet to confirm that it is running up-to-date packages. The network is designed for application servers to use a single NAT gateway for internal access. Testing reveals that a few of the servers are unable to communicate with the authentication server.
What is the reason for this failure?

  1. The NAT gateway does not support UDP traffic.
  2. The authentication server is not accepting traffic.
  3. The NAT gateway cannot allocate more ports.
  4. The NAT gateway is launched in a private subnet.

Answer(s): C



An organization is using a VPC endpoint for Amazon S3. When the security group rules for a set of instances were initially configured, access was restricted to allow traffic only to the IP addresses of the Amazon S3 API endpoints in the region from the published JSON file. The application was working properly, but now is logging a growing number of timeouts when connecting with Amazon S3. No internet gateway is configured for the VPC.

Which solution will fix the connectivity failures with the LEAST amount of effort?

  1. Create a Lambda function to update the security group based on AmazonIPSpaceChanged notifications.
  2. Update the VPC routing to direct Amazon S3 prefix-list traffic to the VPC endpoint using the route table APIs.
  3. Update the application server’s outbound security group to use the prefix-list for Amazon S3 in the same region.
  4. Create an additional VPC endpoint for Amazon S3 in the same route table to scale the concurrent connections to Amazon S3.

Answer(s): C






Post your Comments and Discuss Amazon AWS-Certified-Advanced-Networking-Specialty exam with other Community members:

Hello commented on September 04, 2024
awesome questions
Anonymous

Meenakshi commented on June 06, 2024
One of the best exam dumps sites I have ever used. I have passed 3 of my exams with the help of this website.
INDIA