Amazon AWS

AWS Certified Advanced Networking – Specialty

ANS-C01
Popular

The AWS Certified Advanced Networking – Specialty (ANS-C01) exam validates your skills in designing and implementing AWS networking solutions. It is suitable for networking professionals looking to specialize in AWS.

468 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 51–60 of 468

Q51

You are configuring a security group. What happens if you add an inbound rule that allows 0.0.0.0/0 on TCP port 22?

  • A SSH is restricted to internal IPs
  • B Any IP can SSH into the instance
  • C SSH is disabled on the instance
  • D Only AWS can access the instance
Explanation Allowing 0.0.0.0/0 on TCP port 22 opens SSH access to any IP address, which is generally unsafe.
Q52

Which service is used for high-performance computing in AWS?

  • A Amazon EC2
  • B Amazon S3
  • C AWS Lambda
  • D Amazon RDS
Explanation Amazon EC2 is designed for high-performance computing, while the others serve different functions.
Q53

A company needs to connect its on-premises network to AWS securely and consistently. Which hybrid solution should they consider?

  • A AWS Direct Connect
  • B AWS VPN
  • C Amazon Route 53
  • D AWS Transit Gateway
Explanation AWS Direct Connect provides a dedicated line for secure connectivity, unlike the others which do not offer dedicated options.
Q54

You are configuring an AWS VPC with subnets. What happens when you create a route in the route table to a public subnet?

  • A Access to the internet is blocked.
  • B Instances cannot communicate internally.
  • C Instances gain internet access.
  • D Routes are ignored by AWS.
Explanation Creating a route to a public subnet allows instances to access the internet directly, while others incorrectly describe the outcome.
Q55

Which service allows you to automate network configurations?

  • A AWS Config
  • B AWS CloudFormation
  • C AWS Elastic Beanstalk
  • D AWS OpsWorks
Explanation AWS CloudFormation automates infrastructure setup using templates; others do not primarily focus on automation of network configurations.
Q56

A company needs to ensure their VPC security while allowing internal applications to communicate. Which solution best fits this requirement?

  • A Use public IPs for all services
  • B Implement security groups and network ACLs
  • C Configure a VPN connection
  • D Use NAT Gateways exclusively
Explanation Security groups and network ACLs manage internal traffic effectively; other options either expose the network or don’t facilitate internal communication optimally.
Q57

What happens when you set an incorrect route table to your VPC subnet?

  • A VPC becomes unreachable
  • B Instances lose internet access
  • C Instances receive incorrect IPs
  • D Network latency increases
Explanation Setting an incorrect route table generally hinders internet access for instances; it does not make the VPC unreachable or affect IP addressing or latency directly.
Q58

Which AWS service automatically adjusts capacity based on demand?

  • A AWS Auto Scaling
  • B Amazon S3
  • C Amazon CloudFront
  • D AWS Lambda
Explanation AWS Auto Scaling dynamically manages resources; others do not automatically adjust capacity.
Q59

A company needs to securely manage access to AWS resources. What should they use?

  • A AWS IAM Roles
  • B Amazon EC2 Security Groups
  • C AWS CloudTrail
  • D Amazon Route 53
Explanation AWS IAM Roles provide secure access control; other options do not manage access directly.
Q60

You are configuring a VPC peering connection. What happens when the CIDR blocks overlap?

  • A Peering succeeds with warnings.
  • B Peering fails to establish.
  • C Traffic is automatically rerouted.
  • D Overlap is ignored.
Explanation Peering fails when CIDR blocks overlap; others misrepresent the outcome.