Amazon Web Services Related Exams
ANS-C01 Exam
The ANS-C01 exam covers:
Network Design
Network Implementation
Network Management & Operations
Network Security, Compliance, and Governance
The ANS?C01 validates expertise in designing and managing complex cloud and hybrid networks, whereas Amazon Web Services MLS?C01 validates skills in building, training, and deploying machine learning solutions on AWS.
CertsTopics provides ANS-C01 PDF study guides, exam dumps, questions and answers, practice tests, and a testing engine with a success guarantee. Purchasing is simple—just add to cart, proceed with payment, and get instant access.
A company has a VPC that includes application workloads that run on Amazon EC2 instances in a single AWS Region. The company wants to use AWS Local Zones to deploy an extension of the application workloads that run in the Region. The extended workloads in the Local Zone need to communicate bidirectionally with the workloads in the VPC in the Region.
Which solution will meet these requirements MOST cost-effectively?
A development team is building a new web application in the AWS Cloud. The main company domain, example.com. is currently hosted in an Amazon Route 53 public hosted zone in one of the company's production AWS accounts.
The developers want to test the web application in the company's staging AWS account by using publicly resolvable subdomains under the example.com domain with the ability to create and delete DNS records as needed. Developers have full access to Route 53 hosted zones within the staging account, but they are prohibited from accessing resources in any of the production AWS accounts.
Which combination of steps should a network engineer take to allow the developers to create records under the example.com domain? (Select TWO.)
A network engineer needs to deploy an AWS Network Firewall firewall into an existing AWS environment. The environment consists of the following:
A transit gateway with all VPCs attached to it
Several hundred application VPCs
A centralized egress internet VPC with a NAT gateway and an internet gateway
A centralized ingress internet VPC that hosts public Application Load Balancers
On-premises connectivity through an AWS Direct Connect gateway attachment
The application VPCs have workloads deployed across multiple Availability Zones in private subnets with the VPC route table s default route (0.0.0.0/0) pointing to the transit gateway. The Network Firewall firewall needs to inspect east-west (VPC-to-VPC) traffic and north-south (internet-bound and on-premises network) traffic by using Suricata compatible rules.
The network engineer must deploy the firewall by using a solution that requires the least possible architectural changes to the existing production environment.
Which combination of steps should the network engineer take to meet these requirements? (Choose three.)