Amazon AWS

AWS Certified Advanced Networking – Specialty

ANS-C01
Popular

The AWS Certified Advanced Networking – Specialty (ANS-C01) exam validates your skills in designing and implementing AWS networking solutions. It is suitable for networking professionals looking to specialize in AWS.

468 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 301–310 of 468

Q301

Which AWS service enables hybrid cloud connectivity?

  • A AWS Direct Connect
  • B AWS Lambda
  • C Amazon S3
  • D Amazon RDS
Explanation AWS Direct Connect facilitates private connectivity to AWS, while the others serve different roles.
Q302

A company requires low-latency access for real-time data analysis. Which AWS service should they consider?

  • A Amazon S3
  • B Amazon Redshift
  • C Amazon RDS
  • D AWS Glue
Explanation Amazon Redshift is optimized for high-performance analytics, unlike the other options which are not designed for low-latency scenarios.
Q303

You are configuring an AWS VPC with public and private subnets. Which attribute must the NAT Gateway have?

  • A Public IP address
  • B Security Group attached
  • C Instance type defined
  • D Route Table set
Explanation The NAT Gateway needs a public IP to facilitate internet access for private subnet resources, while others are not essential for its basic function.
Q304

Which service enables you to run Kubernetes applications on AWS?

  • A EKS (Elastic Kubernetes Service)
  • B EC2 (Elastic Compute Cloud)
  • C Lambda
  • D S3 (Simple Storage Service)
Explanation EKS is specifically designed for Kubernetes, while EC2 and S3 serve different purposes.
Q305

A company needs to enforce encryption on their Amazon S3 buckets. What should they implement?

  • A IAM user policies
  • B S3 Bucket Policies
  • C S3 Object Locking
  • D S3 Server-Side Encryption
Explanation S3 Server-Side Encryption ensures all objects are encrypted when stored, while other options do not enforce encryption directly.
Q306

What happens when you configure a VPC with a CIDR block of 10.0.0.0/8?

  • A All IPs from 10.0.0.0 to 10.255.255.255
  • B Limited to 16 subnetworks
  • C No public IPs available
  • D Total IPs capped at 65,536
Explanation 10.0.0.0/8 allows for 16,777,216 addresses, but option A captures the full range correctly.
Q307

Which service is best for monitoring network health in AWS?

  • A Amazon CloudWatch
  • B AWS Config
  • C Amazon GuardDuty
  • D AWS CloudTrail
Explanation Amazon CloudWatch provides real-time monitoring of network and system performance, whereas the others serve different monitoring purposes.
Q308

A company needs to connect on-premises data centers to AWS securely. Which service should they use?

  • A AWS Direct Connect
  • B Amazon VPC Peering
  • C AWS VPN CloudHub
  • D Amazon Route 53
Explanation AWS Direct Connect establishes a dedicated network connection, while the others do not provide dedicated connectivity.
Q309

You are configuring security for a transit gateway. What happens if you misconfigure route propagation?

  • A Traffic flows as intended.
  • B Route tables are automatically updated.
  • C No traffic between VPCs can flow.
  • D Only on-premises traffic is routed.
Explanation Misconfigured route propagation can prevent traffic flow between connected VPCs, while others incorrectly imply functionality that doesn’t exist.
Q310

Which service enables private connectivity between VPCs?

  • A VPC Peering
  • B AWS Direct Connect
  • C VPN Gateway
  • D AWS Transit Gateway
Explanation VPC Peering allows private connectivity between VPCs; Direct Connect is for on-premise connectivity, VPN Gateway links with on-premise, and Transit Gateway helps with routing between multiple VPCs.