Amazon AWS

AWS Certified Advanced Networking – Specialty

ANS-C01
Popular

The AWS Certified Advanced Networking – Specialty (ANS-C01) exam validates your skills in designing and implementing AWS networking solutions. It is suitable for networking professionals looking to specialize in AWS.

468 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 321–330 of 468

Q321

What happens when you configure an EC2 instance with 'public IP' disabled in a VPC subnet with route to the internet?

  • A Instance cannot connect to the internet
  • B Instance receives a private IP only
  • C Instance remains fully accessible externally
  • D Instance can connect using VPC Peering
Explanation Disabling public IP prevents internet connectivity, contrary to the other options.
Q322

Which service enables private connectivity to AWS without using public internet?

  • A AWS Direct Connect
  • B Amazon CloudFront
  • C AWS VPN
  • D AWS Route 53
Explanation AWS Direct Connect provides a direct connection to AWS, while the other options involve internet reliance or DNS functions.
Q323

A company needs to ensure routing policies are highly available and distributed across multiple locations. What AWS service should they use?

  • A AWS Global Accelerator
  • B Amazon Route 53
  • C AWS Transit Gateway
  • D EC2 Auto Scaling
Explanation Amazon Route 53 offers scalable routing policies, while the others focus on traffic performance or individual resource management.
Q324

You are configuring a VPC Peering connection between two VPCs. What should you ensure regarding IP address ranges?

  • A IP ranges must overlap.
  • B IP ranges must be disjoint.
  • C IP ranges can be the same.
  • D No requirement on IP ranges.
Explanation VPC Peering requires disjoint IP ranges to avoid routing conflicts, while overlapping ranges lead to failures.
Q325

Which service allows VPC peering between regions?

  • A AWS Direct Connect
  • B VPC Peering
  • C AWS Transit Gateway
  • D Amazon Route 53
Explanation AWS Transit Gateway enables inter-region VPC peering, while others serve different functions.
Q326

You are configuring a DDoS protection. What do you implement?

  • A AWS Direct Connect
  • B AWS Shield
  • C AWS Inspector
  • D Amazon S3
Explanation AWS Shield is specifically built for DDoS protection, whereas others serve different purposes.
Q327

What happens when a subnet exceeds its available IP address limits?

  • A No new resources can be launched
  • B Subnet automatically allocates more IPs
  • C Existing resources are terminated
  • D Access to the subnet is revoked
Explanation When a subnet limits are reached, you cannot launch additional resources unless you free up IPs.
Q328

Which service provides up to 1 millisecond latency for local data access?

  • A Amazon ElastiCache
  • B Amazon S3
  • C Amazon RDS
  • D Amazon DynamoDB
Explanation DynamoDB is optimized for low-latency access, while others do not guarantee this level of performance.
Q329

A company needs to restrict API calls to specific actions in AWS. What feature should they use?

  • A IAM Roles
  • B MAC Policies
  • C Resource Policies
  • D IAM Policies
Explanation IAM Policies specifically grant or deny API actions, unlike the other options.
Q330

What happens when you enable VPC flow logs on a subnet?

  • A All traffic is allowed
  • B Traffic filtering occurs
  • C Network performance improves
  • D Traffic data is logged
Explanation VPC flow logs capture network traffic information for analysis, the other options are incorrect regarding flow logs' functionality.