CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. AWS-Certified-Advanced-Networking-Specialty

Free AWS-Certified-Advanced-Networking-Specialty Exam Braindumps (page: 6)

Page 6 of 102
PDF with 407 Questions

An organization runs a consumer-facing website on AWS. The Amazon EC2-based web fleet is load balanced using the AWS Application Load Balancer, Amazon Route 53 is used to provide the public DNS services.

The following URLs need to server content to end users:

-test.example.com
-web.example.com
-example.com

Based on this information, what combination of services must be used to meet the requirement? (Choose two.)

  1. Path condition in ALB listener to route example.com to appropriate target groups.
  2. Host condition in ALB listener to route *.example.com to appropriate target groups.
  3. Host condition in ALB listener to route example.com to appropriate target groups.
  4. Path condition in ALB listener to route *.example.com to appropriate target groups.
  5. Host condition in ALB listener to route $$$$.example.com to appropriate target groups.

Answer(s): A,C



Under increased cybersecurity concerns, a company is deploying a near real-time intrusion detection system (IDS) solution. A system must be put in place as soon as possible. The architecture consists of many AWS accounts, and all results must be delivered to a central location.
Which solution will meet this requirement, while minimizing downtime and costs?

  1. Deploy a third-party vendor solution to perform deep packet inspection in a transit VPC.
  2. Enable VPC Flow Logs on each VPC. Set up a stream of the flow logs to a central Amazon Elasticsearch cluster.
  3. Enable Amazon Macie on each AWS account and configure central reporting.
  4. Enable Amazon GuardDuty on each account as members of a central account.

Answer(s): D


Reference:

https://aws.amazon.com/blogs/security/how-to-manage-amazon-guardduty-security-findings-across-multiple-accounts/



An organization delivers high-resolution, dynamic web content. Internet users access the content from a variety of platforms, including mobile, tablet and desktop. Each platform receives a customized experience to account for the differences in viewing modes. A dedicated, automatic-scaling fleet of Amazon EC2 instances is used for each platform to server content based on path-based headers.
Which combination of services will MINIMIZE cost and MAXIMIZE performance? (Choose two.)

  1. Amazon CloudFront with Lambda@Edge
  2. Network Load Balancer
  3. Amazon S3 static websites
  4. Amazon Route 53 with traffic flow policies
  5. Application Load Balancer

Answer(s): A,E


Reference:

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-at-the-edge.html



You need to set up a VPN between AWS VPC and your on-premises network. You create a VPN connection in the AWS Management Console, download the configuration file, and install it on your on-premises router. The tunnel is not coming up because of firewall restrictions on your router. Which two network traffic options should you allow through the firewall? (Choose two.)

  1. UDP port 500
  2. IP protocol 50
  3. IP protocol 5
  4. TCP port 50
  5. TCP port 500

Answer(s): A,B


Reference:

https://docs.aws.amazon.com/vpc/latest/userguide/VPC_VPN.html



Page 6 of 102



Post your Comments and Discuss Amazon AWS-Certified-Advanced-Networking-Specialty exam with other Community members:

Hello commented on September 04, 2024
awesome questions
Anonymous
upvote

Meenakshi commented on June 06, 2024
One of the best exam dumps site I have ever used. I have passed 3 of my exams with the help of this website.
INDIA
upvote