Amazon AWS

AWS Certified Advanced Networking – Specialty

ANS-C01
Popular

The AWS Certified Advanced Networking – Specialty (ANS-C01) exam validates your skills in designing and implementing AWS networking solutions. It is suitable for networking professionals looking to specialize in AWS.

468 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 401–410 of 468

Q401

A company needs to analyze large volumes of streaming data with minimal delays. Which AWS service should they use?

  • A Amazon Kinesis
  • B Amazon SQS
  • C AWS Glue
  • D Amazon RDS
Explanation Amazon Kinesis is optimized for real-time streaming data analysis, unlike the other options.
Q402

You are configuring a VPC peering connection between two VPCs. What happens if their CIDR blocks overlap?

  • A Peering succeeds with limitations
  • B Peering fails entirely
  • C Traffic routes but is unreliable
  • D No effect on communication
Explanation VPC peering can only be established with non-overlapping CIDR blocks, making it fail if they overlap.
Q403

You are configuring a VPC peering connection between two VPCs. What must you ensure to facilitate this connection?

  • A Different IP address ranges
  • B Same Availability Zone
  • C Same AWS account
  • D Routing table updates
Explanation Routing table updates are required to direct traffic through the peering. Options A, B, and C do not meet VPC peering requirements.
Q404

A company needs to enforce mandatory logging for their API Gateway but is unsure how to do it. Which step should they take?

  • A Enable CloudTrail logs
  • B Set up Lambda logging
  • C Enable Access Logs in API settings
  • D Create S3 bucket for logs
Explanation Enabling Access Logs in the API settings directly enforces logging for API Gateway. Options A, B, and D do not directly meet the requirement for API Gateway logging.
Q405

What happens when you alter a Security Group rule associated with an EC2 instance while the instance is running?

  • A Changes apply immediately
  • B Requires instance restart
  • C Changes apply after an hour
  • D Only new connections are affected
Explanation Changes to a Security Group apply immediately to associated resources. Options B, C, and D misrepresent the behavior of Security Group changes.
Q406

Which AWS service is designed for high-throughput data processing of stream data?

  • A Amazon Kinesis
  • B AWS Lambda
  • C Amazon S3
  • D Amazon EC2
Explanation Amazon Kinesis specializes in real-time processing, unlike others focused on storage or compute.
Q407

A company needs to isolate network traffic between different AWS accounts. What should they use?

  • A VPC Peering
  • B Transit Gateway
  • C VPC Endpoints
  • D AWS Direct Connect
Explanation Transit Gateway allows secure network segmentation across accounts, while others do not provide isolation.
Q408

You are configuring Route 53 health checks. What happens when a health check fails?

  • A Route 53 stops all queries
  • B Route 53 invokes an alarm
  • C Route 53 returns the last good response
  • D Route 53 routes traffic to a standby
Explanation Route 53 actively reroutes traffic to healthy endpoints upon failure, rather than halting traffic or invoking alarms.
Q409

Which service enables the management of private DNS namespaces within a VPC?

  • A Amazon Route 53
  • B AWS Global Accelerator
  • C AWS CloudFormation
  • D Amazon ES
Explanation Amazon Route 53 allows private DNS management in VPCs, while the others serve different purposes.
Q410

A company needs to ensure that all traffic between its VPC and on-premises network is encrypted. What should they implement?

  • A VPN connection
  • B Direct Connect
  • C NAT Gateway
  • D VPC Peering
Explanation A VPN connection encrypts traffic while the others do not provide this encryption natively.