Amazon (ANS-C01) Exam Questions And Answers page 33
You have several Amazon Glacier vaults you would like to monitor. How might you monitor those vaults?
Use an AWS master Config rule.
Use an AWS managed Config rule.
Create a KMS policy and attach it to your Amazon Glacier vault.
AWS Networking Services
Network Security and Optimization
You have several VPCs that are peered. Each VPC has several routes to different subnets. Over the years, your company has acquired many companies. You find that traffic destined for one VPC ends up going to another.
What is the best way to remedy this?
What is the best way to remedy this?
Move the route table entry for the proper VPC higher in the list.
Adjust your routes so the proper VPC has a higher CIDR.
Move the route table entry for the proper VPC lower in the list.
Adjust your routes so the proper VPC has a lower CIDR.
AWS Networking Services
Network Security and Optimization
You have to set up an AWS Direct Connect connection to connect your on-premises to an AWS VPC. Due to budget requirements, you can only provision a single Direct Connect port. You have two border gateway routers at your on-premises data center that can peer with the Direct Connect routers for redundancy.
Which two design methodologies, in combination, will achieve this connectivity? (Choose two.)
Which two design methodologies, in combination, will achieve this connectivity? (Choose two.)
Terminate the Direct Connect circuit on a L2 border switch, which in turn has trunk connections to the two routers.
Create two Direct Connect private VIFs for the same VPC, each with a different peer IP.
Terminate the Direct Connect circuit on any of the one routers, which in turn will have an IBGP session with the other router.
Create one Direct Connect private VIF for the VPC with two customer peer IPs.
Provision two VGWs for the VPC and create one Direct Connect private VIF per VGW.
Networking Fundamentals
AWS Networking Services
You have two autoscaling groups in your VPC. One deploys servers that host the index of your website and another that deploys servers that host the images for your website. What three steps would you take to ensure the right servers are used for the right purpose? (Choose three.)
Create a path-based routing rule to route traffic destined for "/" to target group 1 and "/*.jpg" to target group 2.
Create two target groups and associate them with each autoscaling group.
Configure a Classic Load Balancer
Configure an Application Load Balancer
Networking Fundamentals
AWS Networking Services
You have two Direct Connect connections and two VPN connections to your network. Site A is VPN 10.1.0.0/24 AS 65000 65000, Site B is VPN 10.1.0.252/30 AS 65000, Site C is DX 10.0.0.0/8 AS 65000 and Site D is DX 10.0.0.0/16 AS 65000 65000 65000. Which site will AWS choose to reach your network?
Site A: VPN 10.0.1.0/24 AS 65000 65000
Site B: VPN 10.0.1.252/30 AS 65000 65000 65000
Site C: DX 10.0.0.0/8 AS 65000
Site D: DX 10.0.0.0/16
Networking Fundamentals
AWS Networking Services
You have two enhanced networking capable instances in a placement group. One with an Intel network interface and one with an ENA.
What network speed will be achieved between the two?
What network speed will be achieved between the two?
10Gbps
20Gbps
5Gbps
You cannot have different network interfaces in a placement group.
Networking Fundamentals
AWS Networking Services
You have two placement groups in a VPC. What communication speed can be expected between the two placement groups?
20Gbps
5Gbps
10Gbps
You cannot communicate between two placement groups.
AWS Networking Services
You have two public applications on different domains that use two front-end servers and two back-end servers each. You wish to achieve high availability for both applications. What two options should you configure? (Choose two.)
Route 53: 2 public zones and 2 private zones.
Route 53: 2 public zones and 1 private zone.
3 load balancers: 2 public and 1 internal.
4 load balancers: 2 public and 2 internal.
Networking Fundamentals
Network Security and Optimization
You have two VPCs that require DNS resolution from your on-premises data center. You want to have a DNS server in the cloud, but you don't want to have multiple DNS servers.
What two steps should you take? (Choose two.)
What two steps should you take? (Choose two.)
Peer the VPCs and set up routes between them.
Create a VPN between the two VPCs
Configure DHCP option sets in both VPCs to point to the DNS server.
Configure a Route 53 record to forward all DNS requests to the DNS server.
AWS Networking Services
Network Security and Optimization
You have two VPCs that you need to connect to an on-premises datacenter using VPNs. When you create the tunnels, you find that both tunnels use the same addresses. What two things can you do to overcome this? (Choose two.)
Delete the VPN, create a "dummy VPN", recreate the VPN, then delete the "dummy" VPN.
Delete your AWS account and create a new one since the VPN tunnel addresses are created from a hash of your account number and a proprietary algorithm.
Create a VHF within you router for each network.
Create a VRF within your router for each network.
Networking Fundamentals
Network Security and Optimization
Comments