Amazon Web Services udemy selected Ans-c01 Aws Certified Specialty Questions Answers by Ishaan q0 vce pdf

Page: 2 / 21

Exam Name:	Amazon AWS Certified Advanced Networking - Specialty
Exam Code:	ANS-C01 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Specialty
Questions:	290 Q&A's	Shared By:	ishaan

Question 8

A company is creating new features for its ecommerce website. These features will use several microservices that are accessed through different paths. The microservices will run on Amazon Elastic Container Service (Amazon ECS). The company requires the use of HTTPS for all of its public websites. The application requires the customer’s source IP addresses.

A network engineer must implement a load balancing strategy that meets these requirements.

Which combination of actions should the network engineer take to accomplish this goal? (Choose two.)

Options:

Use a Network Load Balancer

Retrieve client IP addresses by using the X-Forwarded-For header

Use AWS App Mesh load balancing

Retrieve client IP addresses by using the X-IP-Source header

Use an Application Load Balancer.

Discussion

Question 9

A company’s network engineer needs to design a new solution to help troubleshoot and detect network anomalies. The network engineer has configured Traffic Mirroring. However, the mirrored traffic is overwhelming the Amazon EC2 instance that is the traffic mirror target. The EC2 instancehosts tools that the company’s security team uses to analyze the traffic. The network engineer needs to design a highly available solution that can scale to meet the demand of the mirrored traffic.

Which solution will meet these requirements?

Options:

Deploy a Network Load Balancer (NLB) as the traffic mirror target. Behind the NLB. deploy a fleet of EC2 instances in an Auto Scaling group. Use Traffic Mirroring as necessary.

Deploy an Application Load Balancer (ALB) as the traffic mirror target. Behind the ALB, deploy a fleet of EC2 instances in an Auto Scaling group. Use Traffic Mirroring only during non-business hours.

Deploy a Gateway Load Balancer (GLB) as the traffic mirror target. Behind the GLB. deploy a fleet of EC2 instances in an Auto Scaling group. Use Traffic Mirroring as necessary.

Deploy an Application Load Balancer (ALB) with an HTTPS listener as the traffic mirror target. Behind the ALB. deploy a fleet of EC2 instances in an Auto Scaling group. Use Traffic Mirroring only during active events or business hours.

Discussion

Question 10

A company has deployed its AWS environment in a single AWS Region. The environment consists of a few hundred application VPCs, a shared services VPC, and a VPN connection to the company’s on-premises environment. A network engineer needs to implement a transit gateway with the following requirements:

• Application VPCs must be isolated from each other.

• Bidirectional communication must be allowed between the application VPCs and the on-premises network.

• Bidirectional communication must be allowed between the application VPCs and the shared services VPC.

The network engineer creates the transit gateway with options disabled for default route table association and default route table propagation. The network engineer also creates the VPN attachment for the on-premises network and creates the VPC attachments for the application VPCs and the shared services VPC.

The network engineer must meet all the requirements for the transit gateway by designing a solution that needs the least number of transit gateway route tables.

Which combination of actions should the network engineer perform to accomplish this goal? (Choose two.)

Options:

Configure a separate transit gateway route table for on premises. Associate the VPN attachment with this transit gateway route table. Propagate all application VPC attachments to this transit gateway route table.

Configure a separate transit gateway route table for each application VPC. Associate each application VPC attachment with its respective transit gateway route table. Propagate the shared services VPC attachment and the VPN attachment to this transit gateway route table.

Configure a separate transit gateway route table for all application VPCs. Associate all application VPCs with this transit gateway route table. Propagate the shared services VPC attachment and the VPN attachment to this transit gateway route table.

Configure a separate transit gateway route table for the shared services VPC. Associate the shared services VPC attachment with this transit gateway route table. Propagate all application VPC attachments to this transit gateway route table.

Configure a separate transit gateway route table for on premises and the shared services VPC. Associate the VPN attachment and the shared services VPC attachment with this transit gateway route table. Propagate all application VPC attachments to this transit gateway route table.

Discussion

Question 11

A banking company is successfully operating its public mobile banking stack on AWS. The mobile banking stack is deployed in a VPC that includes private subnets and public subnets. The company is using IPv4 networking and has not deployed or supported IPv6 in the environment. The company has decided to adopt a third-party service provider's API and must integrate the API with the existing environment. The service provider’s API requires the use of IPv6.

A network engineer must turn on IPv6 connectivity for the existing workload that is deployed in a private subnet. The company does not want to permit IPv6 traffic from the public internet and mandates that the company's servers must initiate all IPv6 connectivity. The network engineer turns on IPv6 in the VPC and in the private subnets.

Which solution will meet these requirements?

Options:

Create an internet gateway and a NAT gateway in the VPC. Add a route to the existing subnet route tables to point IPv6 traffic to the NAT gateway.

Create an internet gateway and a NAT instance in the VPC. Add a route to the existing subnetroute tables to point IPv6 traffic to the NAT instance.

Create an egress-only Internet gateway in the VPAdd a route to the existing subnet route tables to point IPv6 traffic to the egress-only internet gateway.

Create an egress-only internet gateway in the VPC. Configure a security group that denies all inbound traffic. Associate the security group with the egress-only internet gateway.

Discussion

Sarah

Yeah, I was so relieved when I saw that the question appeared in the exam were similar to their exam dumps. It made the exam a lot easier and I felt confident going into it.

Aaliyah Aug 26, 2025

Same here. I've heard mixed reviews about using exam dumps, but for us, it definitely paid off.

Rosalie

I passed. I would like to tell all students that they should definitely give Cramkey Dumps a try.

Maja Aug 4, 2025

That sounds great. I'll definitely check them out. Thanks for the suggestion!

Ava-Rose

Yes! Cramkey Dumps are amazing I passed my exam…Same these questions were in exam asked.

Ismail Aug 25, 2025

Wow, that sounds really helpful. Thanks, I would definitely consider these dumps for my certification exam.

Ernest

That's amazing. I think I'm going to give Cramkey Dumps a try for my next exam. Thanks for telling me about them! CramKey admin please share more questions……You guys are amazing.

Nate Aug 4, 2025

I failed last week, I never know this site , but amazed to see all these questions were in my exam week before. I feel bad now, why I didn’t bother this site. Thanks Cramkey, Excellent Job.

Page: 2 / 21

Title

Questions

Posted

amazon web services.udemy.selected ans-c01 aws certified specialty questions answers.by ishaan.q0.vce.pdf

2025-08-21

amazon web services.spoto.sure pass exam ans-c01 pdf.by kareem.q0.vce.pdf

2025-08-14

amazon web services.selftestengine.new release ans-c01 aws certified specialty questions.by malcolm.q0.vce.pdf

2025-08-15

amazon web services.pass4success.newly released ans-c01 exam pdf.by ivar.q0.vce.pdf

2025-08-01