Amazon AWS

AWS Certified Advanced Networking – Specialty

ANS-C01
Popular

The AWS Certified Advanced Networking – Specialty (ANS-C01) exam validates your skills in designing and implementing AWS networking solutions. It is suitable for networking professionals looking to specialize in AWS.

468 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 221–230 of 468

Q221

A company needs to connect on-premises servers to AWS resources securely. What should they use?

  • A VPC Peering
  • B AWS Direct Connect
  • C VPN Gateway
  • D AWS Transit Gateway
Explanation AWS Direct Connect provides a private connection, unlike the others which are not as direct.
Q222

What happens when a security group rule is changed to allow new inbound traffic?

  • A Immediate effect for running instances
  • B Effects only new instances
  • C Requires instance restart
  • D Rules must be deleted first
Explanation Security group changes take immediate effect on instances, while others are incorrect in context.
Q223

Which service helps to secure and manage network communication within Amazon VPC?

  • A AWS Transit Gateway
  • B VPC Peering
  • C AWS Direct Connect
  • D AWS Site-to-Site VPN
Explanation AWS Transit Gateway simplifies and secures VPC communications, while others fulfill different networking needs.
Q224

A company needs to ensure that their network routing configuration adapts dynamically to changes. What is the best solution?

  • A Use Static Routing
  • B Configure BGP with AWS Direct Connect
  • C Implement Route 53
  • D Enable Network ACLs
Explanation BGP allows for dynamic adjustments in routing, whereas static routing requires manual updates.
Q225

You are configuring AWS Firewall Manager. What happens when a new resource is added to an account with an existing policy?

  • A Policies must be reapplied manually.
  • B The new resource automatically inherits policies.
  • C Firewall rules will block the new resource.
  • D New resources are excluded by default.
Explanation New resources inherit policies automatically, negating the need for manual updates.
Q226

Which AWS service enables private connectivity to VPCs and on-premises networks?

  • A AWS Direct Connect
  • B Amazon Route 53
  • C AWS CloudFront
  • D AWS Global Accelerator
Explanation AWS Direct Connect provides dedicated network connections, while others scale for DNS or content delivery.
Q227

A company needs to detect anomalies in their AWS CloudTrail logs with minimal setup. Which solution should they use?

  • A AWS Lambda scripts
  • B Amazon GuardDuty
  • C AWS Inspector
  • D Amazon CloudWatch Metrics
Explanation Amazon GuardDuty automatically analyzes logs for anomalies, unlike the other options requiring more setup or are not log-focused.
Q228

You are configuring a Virtual Private Cloud (VPC) with public and private subnets. What happens if you mistakenly assign a Route Table with no internet gateway to your public subnet?

  • A Public subnet becomes private
  • B Internet access is still available
  • C Instances lose private IP addresses
  • D Instances will not access the internet
Explanation Without an internet gateway, instances in a public subnet cannot access the internet, unlike the other options which misinterpret the route configurations.
Q229

Which Amazon service enables you to create a dedicated network connection from your on-premises network to AWS?

  • A AWS Direct Connect
  • B AWS VPN
  • C Amazon Route 53
  • D AWS Transit Gateway
Explanation AWS Direct Connect provides a dedicated network connection, while the others offer different connectivity options.
Q230

A company needs to connect multiple AWS accounts and on-premises systems with minimal latency. What solution should they consider?

  • A AWS Transit Gateway
  • B VPC Peering
  • C AWS Site-to-Site VPN
  • D AWS PrivateLink
Explanation AWS Transit Gateway simplifies network management between multiple accounts and on-premises with low latency.