CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. AWS-Certified-Advanced-Networking-Specialty

Free AWS-Certified-Advanced-Networking-Specialty Exam Braindumps (page: 3)

Page 3 of 102
PDF with 407 Questions

Refer to the image.

You have three VPCs: A, B, and C. VPCs A and C are both peered with VPC B. The IP address ranges are as follows:

-VPC A: 10.0.0.0/16
-VPC B: 192.168.0.0/16
-VPC C: 10.0.0.0/16

Instance i-1 in VPC A has the IP address 10.0.0.10. Instance i-2 in VPC C has the IP address 10.0.0.10. Instances i-3 and i-4 in VPC B have the IP addresses 192.168.1.10 and 192.168.1.20, respectively, i-3 and i-4 are in the subnet 192.168.1.0/24.

-i-3 must be able to communicate with i-1
-i-4 must be able to communicate with i-2
-i-3 and i-4 are able to communicate with i-1, but not with i-2.

Which two steps will fix this problem? (Choose two.)

  1. Create subnets 192.168.1.0/28 and 192.168.1.16/28. Move i-3 and i-4 to these subnets, respectively.
  2. Create subnets 192.168.1.0/27 and 192.168.1.16/27. Move i-3 and i-4 to these subnets, respectively.
  3. Change the IP address of i-2 to 10.0.0.100. Assign it an elastic IP address.
  4. Create a new route table for VPC B, with unique route entries for destination VPC A and destination VPC C.
  5. Create two route tables: one with a route for destination VPC A, and another for destination VPC C.

Answer(s): A,E



A legacy, on-premises web application cannot be load balances effectively. There are both planned and unplanned events that cause usage spikes to millions of concurrent users. The existing infrastructure cannot handle the usage spikes. The CIO has mandated that the application be moved to the cloud to avoid further disruptions, with the additional requirement that source IP addresses be unaltered to support network traffic- monitoring needs. Which of the following designs will meet these requirements?

  1. Use an Auto Scaling group of Amazon EC2 instances behind a Classic Load Balancer.
  2. Use an Auto Scaling group of EC2 instances in a target group behind an Application Load Balancer.
  3. Use an Auto Scaling group of EC2 instances in a target group behind a Classic Load Balancer.
  4. Use an Auto Scaling group of EC2 instances in a target group behind a Network Load Balancer.

Answer(s): D



An organization processes consumer information submitted through its website. The organization’s security policy requires that personally identifiable information (PII) elements are specifically encrypted at all times and as soon as feasible when received. The front-end Amazon EC2 instances should not have access to decrypted PII. A single service within the production VPC must decrypt the PII by leveraging an IAM role.Which combination of services will support these requirements? (Choose two.)

  1. Amazon Aurora in a private subnet
  2. Amazon CloudFront using AWS Lambda@Edge
  3. Customer-managed MySQL with Transparent Data Encryption
  4. Application Load Balancer using HTTPS listeners and targets
  5. AWS Key Management Services

Answer(s): C,E


Reference:

https://noise.getoto.net/tag/aws-kms/



A Lambda function needs to access the private address of an Amazon ElastiCache cluster in a VPC. The Lambda function also needs to write messages to Amazon SQS. The Lambda function has been configured to run in a subnet in the VPC.

Which of the following actions meet the requirements? (Choose two.)

  1. The Lambda function needs an IAM role to access Amazon SQS
  2. The Lambda function must route through a NAT gateway or NAT instance in another subnet to access the public SQS API.
  3. The Lambda function must be assigned a public IP address to access the public Amazon SQS API.
  4. The ElastiCache server outbound security group rules must be configured to permit the Lambda function’s security group.
  5. The Lambda function must consume auto-assigned public IP addresses but not elastic IP addresses.

Answer(s): A,C


Reference:

https://aws.amazon.com/premiumsupport/knowledge-center/internet-access-lambda-function/



Page 3 of 102



Post your Comments and Discuss Amazon AWS-Certified-Advanced-Networking-Specialty exam with other Community members:

Hello commented on September 04, 2024
awesome questions
Anonymous
upvote

Meenakshi commented on June 06, 2024
One of the best exam dumps site I have ever used. I have passed 3 of my exams with the help of this website.
INDIA
upvote