CertsTopics Logo

Labour Day Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Free ANS-C00 Questions Attempt

Page: 2 / 6
Total 154 questions
Get ANS-C00 Full Access Download ANS-C00 PDF

AWS Certified Advanced Networking-Specialty Questions and Answers

Question 5

All IP addresses within a 10.0.0.0/16 VPC are fully utilized with application servers across two Availability Zones. The application servers need to send frequent UDP probes to a single central authentication server on the Internet to confirm that is running up-to-date packages. The network is designed for application servers to use a single NAT gateway for internal access. Testing reveals that a few of the servers are unable to communicate with the authentication server.

Options:

A.

The NAT gateway does not support UDP traffic.

B.

The authentication server is not accepting traffic.

C.

The NAT gateway cannot allocate more ports.

D.

The NAT gateway is launched in a private subnet.

Question 6

A company has two redundant AWS Direct Connect connections to a VPC. The VPC is configured using BGP metrics so that one Direct Connect connection is used as the primary traffic path. The company wants the primary Direct Connect connection to fail to the secondary in less than one second.

What should be done to meet this requirement?

Options:

A.

Configure BGP on the company’s router with a keep-alive to 300 ms and the BGP hold timer to 900 ms.

B.

Enable Bidirectional Forwarding Detection (BFD) on the company’s router with a detection minimum interval of 300 ms and a BFD liveness detection multiplier of 3.

C.

Enable Dead Peer Detection (DPD) on the company’s router with a detection minimum interval of 300 ms and a DPD liveliness detection multiplier of 3.

D.

Enable Bidirectional Forwarding Detection (BFD) echo mode on the company’s router and disable sending the Internet Control Message Protocol (ICMP) IP packet requests.

Question 7

A company uses a newly provisioned 1-Gbps AWS Direct Connect connection to configure a virtual interface for access to Amazon S3

Which configuration values is the network engineer required to provide? (Select TWO.)

Options:

A.

Connection speed

B.

VLAN ID

C.

IP prefixes to advertise

D.

Direct Connect location

E.

Virtual private gateway

Question 8

A company is delivering web content from an Amazon EC2 instance in a public subnet with address 2001 db8 1 100 1 Users report they are unable to access the web content The VPC Flow Logs tor the subnet contain the following entries.

Which action will restore network reachability to the EC2 instance1?

Options:

A.

Update the security group associated with eni-0596e500l23456789 to permit inbound traffic

B.

Update the security group associated with eni-059€«500i234 56~89 to permit outbound traffic

C.

Update the network ACL associated with the subnet to permit inbound traffic

D.

Update the network ACL associated with the subnet to permit outbound traffic

Page: 2 / 6
Total 154 questions
Get ANS-C00 Full Access Download ANS-C00 PDF