Exam Name: | Amazon AWS Certified Advanced Networking - Specialty | ||
Exam Code: | ANS-C01 Dumps | ||
Vendor: | Amazon Web Services | Certification: | AWS Certified Specialty |
Questions: | 110 Q&A's | Shared By: | ben |
A company hosts an application on Amazon EC2 instances behind an Application Load Balancer (ALB). The company recently experienced a network security breach. A network engineer must collect and analyze logs that include the client IP address, target IP address, target port, and user agent of each user that accesses the application.
What is the MOST operationally efficient solution that meets these requirements?
A software-as-a-service (SaaS) provider hosts its solution on Amazon EC2 instances within a VPC in the AWS Cloud. All of the provider's customers also have their environments in the AWS Cloud.
A recent design meeting revealed that the customers have IP address overlap with the provider's AWS deployment. The customers have stated that they will not share their internal IP addresses and that they do not want to connect to the provider's SaaS service over the internet.
Which combination of steps is part of a solution that meets these requirements? (Choose two.)
A company is planning a migration of its critical workloads from an on-premises data center to Amazon EC2 instances. The plan includes a new 10 Gbps AWS Direct Connect dedicated connection from the on-premises data center to a VPC that is attached to a transit gateway. The migration must occur over encrypted paths between the on-premises data center and the AWS Cloud.
Which solution will meet these requirements while providing the HIGHEST throughput?
A network engineer is working on a large migration effort from an on-premises data center to an AWS Control Tower based multi-account environment. The environment
has a transit gateway that is deployed to a central network services account. The central network services account has been shared with an organization in AWS
Organizations through AWS Resource Access Manager (AWS RAM).
A shared services account also exists in the environment. The shared services account hosts workloads that need to be shared with the entire organization.
The network engineer needs to create a solution to automate the deployment of common network components across the environment. The solution must provision a
VPC for application workloads to each new and existing member account. The VPCs must be connected to the transit gateway in the central network services account.
Which combination of steps will meet these requirements with the LEAST operational overhead? (Select THREE.)