Amazon AWS

AWS Certified Advanced Networking – Specialty

ANS-C01
Popular

The AWS Certified Advanced Networking – Specialty (ANS-C01) exam validates your skills in designing and implementing AWS networking solutions. It is suitable for networking professionals looking to specialize in AWS.

468 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 331–340 of 468

Q331

Which service provides direct connectivity to AWS?

  • A AWS Direct Connect
  • B Amazon S3
  • C AWS Lambda
  • D Amazon CloudFront
Explanation AWS Direct Connect enables dedicated network connections to AWS, while others serve different functions.
Q332

A company needs to secure traffic across hybrid cloud environments. Which solution should they implement?

  • A VPC Peering
  • B AWS VPN
  • C Route 53
  • D CloudWatch
Explanation AWS VPN establishes secure connections, while VPC Peering lacks encryption features.
Q333

What happens when a Network ACL denies HTTP traffic from a specific CIDR block?

  • A Traffic is allowed but logged
  • B Traffic is automatically redirected
  • C Traffic is denied and dropped
  • D Traffic is only logged
Explanation Denial in a Network ACL results in immediate traffic drop without processing further, unlike logging or redirection.
Q334

Which service enables VPC peering between AWS accounts?

  • A AWS Direct Connect
  • B AWS Transit Gateway
  • C AWS VPN
  • D AWS Route 53
Explanation AWS Transit Gateway is specifically built for managing VPC peering across accounts, while others serve different purposes.
Q335

A company needs to securely connect on-premises data centers to AWS. Which solution is recommended?

  • A AWS Storage Gateway
  • B AWS Direct Connect
  • C VPN Gateway
  • D Amazon S3
Explanation AWS Direct Connect provides a dedicated network connection to AWS, which enhances security and reliability compared to internet-based solutions.
Q336

What happens when you deploy a network ACL with an ambiguous rule?

  • A The rule is ignored
  • B All traffic is blocked
  • C Default rule applies
  • D Traffic is allowed
Explanation In case of ambiguous rules in network ACLs, the default rule (deny all) is applied for unmatched cases, making traffic blocked unless explicitly allowed.
Q337

Which service provides dedicated connectivity to AWS?

  • A AWS Direct Connect
  • B AWS VPN
  • C AWS Transit Gateway
  • D AWS CloudFormation
Explanation AWS Direct Connect allows for dedicated network connections, whereas the others provide varying forms of virtual connectivity.
Q338

A company needs to ensure high availability for their web applications across multiple regions. What should they implement?

  • A Amazon RDS Multi-AZ
  • B AWS Global Accelerator
  • C EC2 Auto Scaling
  • D VPC Peering
Explanation AWS Global Accelerator optimizes network routing for high availability across regions, while the others do not primarily deal with cross-region traffic optimization.
Q339

What happens when you assign a security group to a resource in AWS?

  • A Blocks all inbound traffic
  • B Allows all outbound traffic
  • C Applies only to EC2 instances
  • D Controls allowed network traffic
Explanation Security groups act as virtual firewalls to control inbound and outbound traffic; the other options do not accurately describe their function.
Q340

Which service provides low-latency access to static content?

  • A Amazon CloudFront
  • B Amazon RDS
  • C Amazon EC2
  • D AWS Lambda
Explanation Amazon CloudFront is a CDN for static content, whereas RDS is for databases, EC2 is for compute, and Lambda is for serverless computing.