Amazon Web Services Related Exams
ANS-C01 Exam
The ANS-C01 exam covers:
Network Design
Network Implementation
Network Management & Operations
Network Security, Compliance, and Governance
The ANS?C01 validates expertise in designing and managing complex cloud and hybrid networks, whereas Amazon Web Services MLS?C01 validates skills in building, training, and deploying machine learning solutions on AWS.
CertsTopics provides ANS-C01 PDF study guides, exam dumps, questions and answers, practice tests, and a testing engine with a success guarantee. Purchasing is simple—just add to cart, proceed with payment, and get instant access.
A retail company is running its service on AWS. The company’s architecture includes Application Load Balancers (ALBs) in public subnets. The ALB target groups are configured to send traffic tobackend Amazon EC2 instances in private subnets. These backend EC2 instances can call externally hosted services over the internet by using a NAT gateway.
The company has noticed in its billing that NAT gateway usage has increased significantly. A network engineer needs to find out the source of this increased usage.
Which options can the network engineer use to investigate the traffic through the NAT gateway? (Choose two.)
A company's network engineer is designing an active-passive connection to AWS from two on-premises data centers. The company has set up AWS Direct Connect connections between the on-premises data centers and AWS. From each location, the company is using a transit VIF that connects to a Direct Connect gateway that is associated with a transit gateway.
The network engineer must ensure that traffic from AWS to the data centers is routed first to the primary data center. The traffic should be routed to the failover data center only in the case of an outage.
Which solution will meet these requirements?
An education agency is preparing for its annual competition between schools. In the competition, students at schools from around the country solve math problems, complete puzzles, and write essays.
The IP addressing plan of all the schools is well-known and is administered centrally. The competition is hosted in the AWS Cloud and is not publicly available. All competition traffic must be encrypted in transit. Only authorized endpoints can access the competition. All the schools have firewall policies that block ICMP traffic.
A network engineer builds a solution in which all the schools access the competition through AWS Site-to-Site VPN connections. The network engineer uses BGP as the routing protocol. The network engineer must implement a solution that notifies schools when they lose connectivity and need to take action on their premises to address the issue.
Which combination of steps will meet these requirements MOST cost-effectively? (Choose two.)