Free AWS-Certified-Advanced-Networking-Specialty Exam Braindumps (page: 42)

Page 42 of 102

You manage a website that uses a load balancer. You are noticing one of the servers is receiving more traffic than the other. What is probably the cause of this?

  1. An Elastic Load Balancer sends traffic based on server load. One server must be a larger instance.
  2. You have DNS latency routing set, so it is diverting traffic to a different instance.
  3. You have sticky sessions configured and there are several power users that happen to be on the other server.
  4. The server has more connections available.

Answer(s): C

Explanation:

Sticky sessions can keep users on a particular server throughout their session. Latency routing would route to the load balancer, not the instances. Load balancers use a round-robin algorithm to balance.



Your website is under attack and a malicious party is stealing large amounts of data. You have default NACL rules. Stopping the attack is the ONLY priority in this case. Which two commands should you use? (Choose two.)

  1. aws ec2 delete-network-acl-entry --network-acl-id acl-5fb84d47 --ingress --rule-number 32768
  2. aws ec2 delete-network-acl-entry --network-acl-id acl-5fb84d47 --egress --rule-number 100
  3. aws ec2 delete-network-acl-entry --network-acl-id acl-5fb84d47 --ingress --rule-number 100
  4. aws ec2 create-network-acl-entry --network-acl-id acl-5fb84d47 --ingress --rule-number 100 --protocol -1 --port-range From=-1,To=-1 --cidr-block 0.0.0.0/0 --rule-action deny

Answer(s): B,C

Explanation:

You should remove the default allow rules in your NACL and a default deny will be the only rule left for inbound and outbound. If you attempt to create a rule number 100, it will encounter an error as there is already a rule 100.



You are a holdings company that buys many businesses and must integrate their VPCs into your network. You are constantly encountering networks with similar or overlapping subnets.
What is the best way to manage this?

  1. BFD
  2. VRF
  3. A standby router for the overlapping subnets.
  4. A strict IP addressing policy that forces new companies to change the IP addresses of their VPCs.

Answer(s): B

Explanation:

VRF, or Virtual Routing and Forwarding, will allow you to have multiple routing tables on your router.



Your company has a high-availability hybrid solution that utilizes two Direct Connect connections and a backup VPN connection. For some reason, traffic is preferring the VPN connection instead of the Direct Connect connections. You have prepended a longer AS_PATH on the VPN connection, but AWS still prefers it over the Direct Connect connections. What might you be able to do to fix this issue?

  1. Advertise a less specific prefix on the VPN.
  2. Remove the prepended AS_PATH.
  3. Reconfigure the VPN as a static VPN instead of dynamic.
  4. Increase the MED on the VPN.

Answer(s): A

Explanation:

The only reason a VPN would be preferred over Direct Connect is if it has a more specific prefix. This was not discussed in the question but is assumed, since it is the only criterion in the path selection process that supersedes Direct Connect.






Post your Comments and Discuss Amazon AWS-Certified-Advanced-Networking-Specialty exam with other Community members:

Hello commented on September 04, 2024
awesome questions
Anonymous

Meenakshi commented on June 06, 2024
One of the best exam dump sites I have ever used. I have passed 3 of my exams with the help of this website.
INDIA