AWS-Certified-Advanced-Networking-Specialty | Top Tips Of Updated AWS-Certified-Advanced-Networking-Specialty Practice Exam

It is impossible to pass Amazon AWS-Certified-Advanced-Networking-Specialty exam without any help in the short term. Come to Ucertify soon and find the most advanced, correct and guaranteed Amazon AWS-Certified-Advanced-Networking-Specialty practice questions. You will get a surprising result by our Most recent Amazon AWS Certified Advanced Networking - Specialty practice guides.

Free demo questions for Amazon AWS-Certified-Advanced-Networking-Specialty Exam Dumps Below:

NEW QUESTION 1
By default, all AWS accounts are limited to EIPs, because public (IPv4) Internet addresses are a scarce public resource.

  • A. 5
  • B. 8
  • C. 6
  • D. 2

Answer: A

Explanation:
Reference:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html

NEW QUESTION 2
In your current role as the corporate network architect - you have decided to replace your existing hardware firewall appliances with a pair of Juniper SRX-Series Services Gateways. You have chosen these as AWS lists these as supportable devices for establishing IPsec connections. With this in mind, select the minimum set of options to ensure that you can establish IPsec connectivity between your on premise private corporate network and your AWS hosted VPC. Select which option is NOT required

  • A. Initiate network connections from somewhere within your corporate network, this is required to bring the tunnels UP
  • B. Deploy a Customer Gateway within your corporate network
  • C. Deploy a Customer Gateway within your VPC
  • D. Deploy a Virtual Private Gateway within your VPC

Answer: B

Explanation:
Reference:
https://aws.amazon.com/vpc/faqs/

NEW QUESTION 3
In AWS, which service provides a reliable and inexpensive way to backup and archive CloudTrail log files?

  • A. Amazon Archiver
  • B. Amazon Glacier
  • C. AWS Storage Gateway
  • D. Amazon Elastic Block Store

Answer: B

Explanation:
Reference:
https://aws.amazon.com/cloudtrail/faqs/

NEW QUESTION 4
You would like to ensure that all Amazon S3 buckets going forward, current and newly created ones, have logging enabled. What type of trigger(s) should you use?

  • A. only a periodic trigger
  • B. only a configuration change trigger
  • C. both configuration change and periodic triggers
  • D. only a transitioning trigger

Answer: B

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config-rules.html

NEW QUESTION 5
Use _____ to get more visibility into the health of your AWS Elastic Beanstalk application and take appropriate actions in case of hardware failure or performance degradation.

  • A. Amazon Elastic Beanstalk command line
  • B. Amazon EC2 log files
  • C. Amazon CloudWatch
  • D. Amazon Load balancing

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.concepts.design.html

NEW QUESTION 6
You can use the _____ command of the AWS Config service CLI to see the compliance state of each resource that AWS Config evaluates for a specific rule.

  • A. describe-compliance-by-resource
  • B. describe-compliance-by-config-rule
  • C. get-compliance-details-by-config-rule
  • D. get-compliance-details-by-config-rule

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_view-compliance.html

NEW QUESTION 7
Which statement is NOT true about accessing remote AWS region in the US by your AWS Direct Connect which is located in the US?

  • A. To connect to a VPC in a remote region, you can use a virtual private network (VPN) connection over your public virtual interface.
  • B. To access public resources in a remote region, you must set up a public virtual interface and establish a border gateway protocol (BGP) session.
  • C. If you have a public virtual interface and established a BGP session to it, your router learns the routes of the other AWS regions in the US.
  • D. Any data transfer out of a remote region is billed at the location of your AWS Direct Connect data transfer rate.

Answer: D

Explanation:
Reference:
http://docs.aws.amazon.com/directconnect/latest/UserGuide/remote_regions.html

NEW QUESTION 8
Which CloudWatch attributes are used for the statistics generation?

  • A. All the options are used
  • B. Dimension
  • C. Data point unit
  • D. NameSpace

Answer: A

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html

NEW QUESTION 9
Which other AWS service is used to track ‘Related Events’ within the Configuration Item?

  • A. AWS WAF
  • B. SQS
  • C. AWS CloudTrail
  • D. S3

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#configitem- table

NEW QUESTION 10
When using AWS Config, which two items are stored on S3 as a part of its operation?

  • A. Configuration Items and Configuration History
  • B. Configuration Recorder and Configuration Snapshots
  • C. Configuration History and Configuration Snapshots
  • D. Configuration Snapshots and Configuration Streams

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/config-concepts.html#config-items

NEW QUESTION 11
To get started using AWS Direct Connect, in which of the following steps do you configure Border Gateway Protocol (BGP)?

  • A. Complete the Cross Connect
  • B. Verify your Virtual Interface
  • C. Create a Virtual Interface
  • D. Submit AWS Direct Connect Connection Request

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/directconnect/latest/UserGuide/getstarted.html#createvirtualinterfac

NEW QUESTION 12
The IPsec protocol suite is made up of various components covering aspects such as confidentiality, encryption, and integrity. Select the correct statement below regarding the correct configuration options for ensure IPsec confidentiality:

  • A. The following protocols may be used to configure IPsec confidentiality, DES, 3DES, MD5
  • B. The following protocols may be used to configure IPsec confidentiality, DES, 3DES, AES
  • C. The following protocols may be used to configure IPsec confidentiality, PSK, RSA
  • D. The following protocols may be used to configure IPsec confidentiality, PSK, MD5
  • E. The following protocols may be used to configure IPsec confidentiality, PSK, RSA

Answer: B

Explanation:
Reference:
https://en.wikipedia.org/wiki/IPsec

NEW QUESTION 13
To connect to public AWS products such as Amazon EC2 and Amazon S3 through the AWS Direct Link, which step is NOT required?

  • A. Provide public IP address (/31) for each Border Gateway Protocol (BGP) session.
  • B. Allocate a Private IP address to your network in 172.x.x.x range.
  • C. Provide the public routes that you will advertise over Border Gateway Protocol (BGP).
  • D. Provide a public Autonomous System Number (ASN) that you own or a private one to identify your network on the Internet.

Answer: B

Explanation:
Reference:
http://docs.aws.amazon.com/directconnect/latest/UserGuide/Welcome.html

NEW QUESTION 14
You can use the ______ page of the AWS Config console to look up resources that AWS Config has discovered, including deleted resources and resources that are not currently being recorded.

  • A. snapshot listing
  • B. configuration history
  • C. resource inventory
  • D. resource database

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/looking-up-discovered-resources.html

NEW QUESTION 15
Which of the following characters is not allowed while creating a Namespace for a CloudWatch metric?

  • A. /
  • B. :
  • C. #
  • D. @

Answer: D

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.ht ml

NEW QUESTION 16
Convert the following IPv4 address in presented in binary form, into dotted decimal form 10101100.01111011.00001101.10011101

  • A. 172.123.13.157
  • B. 173.13.13.157
  • C. 172.122.13.15
  • D. 172.124.13.57

Answer: A

Explanation:
Reference:
https://en.wikipedia.org/wiki/IPv4

NEW QUESTION 17
With AWS CloudTrail, creating multiple trails in one region allows ______ to focus on one aspect of AWS operation.

  • A. callers
  • B. events
  • C. buckets
  • D. stakeholders

Answer: D

Explanation:
Reference:
https://aws.amazon.com/cloudtrail/faqs/

NEW QUESTION 18
An AWS CloudTrail log file provides the identity and source IP address of the API caller, and a time of the API call, request parameters, and _____ .

  • A. response elements
  • B. event selectors
  • C. port alarms
  • D. destination buckets

Answer: A

Explanation:
Reference:
https://aws.amazon.com/cloudtrail/

NEW QUESTION 19
From the following options, select the answer that correctly describes the implementation of the HTTP protocol

  • A. By definition, HTTP is a connection-less oriented protocol and therefore utilises TCP
  • B. By definition, HTTP is a connection orientated protocol and therefore utilises TCP
  • C. By definition, HTTP is a connection-less oriented protocol and therefore utilises UDP
  • D. By definition, HTTP can be configured to be either connection or connection-less oriented - by specifying the appropriate HTTP header.

Answer: B

Explanation:
Reference:
https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol

NEW QUESTION 20
Considering the rules of IPv4 subnetting, how many subnets and hosts per subnet are possible given the following network 192.168.130.130/28? (in this question ignore the fact that AWS reserves 5 IP addresses)

  • A. 8 subnets and 30 hosts per subnet
  • B. 16 subnets and 14 hosts per subnet
  • C. 32 subnets and 30 hosts per subnet
  • D. 8 subnets and 14 hosts per subnet

Answer: B

Explanation:
Reference:
https://en.wikipedia.org/wiki/IPv4_subnetting_reference

NEW QUESTION 21
In Amazon CloudFront, if you need to quickly remove objects from a distribution, you can:

  • A. delete the objects from cache.
  • B. invalidate the objects.
  • C. remove your Amazon S3 bucket.
  • D. delete your distribution and recreate i

Answer: B

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AddRemoveReplaceObject s.html

NEW QUESTION 22
Fill in the blanks: One of the basic characteristics of security groups for your VPC is that you ______ .

  • A. can specify allow rules, but not deny rules
  • B. can specify deny rules, but not allow rules
  • C. can specify allow rules as well as deny rules
  • D. can neither specify allow rules nor deny rules

Answer: A

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html

NEW QUESTION 23
Over which of the following Ethernet standards does AWS Direct Connect link your internal network to an AWS Direct Connect location?

  • A. Copper backplane cable
  • B. Twisted pair cable
  • C. Single mode fiber-optic cable
  • D. Shielded balanced copper cable

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/directconnect/latest/UserGuide/Welcome.html

NEW QUESTION 24
AWS CloudTrail can be configured to _____ log files across multiple accounts and regions so that log
files are delivered to a single bucket.

  • A. aggregate
  • B. disperse
  • C. replicate
  • D. encrypt

Answer: A

Explanation:
Reference:
https://aws.amazon.com/cloudtrail/

NEW QUESTION 25
An unfortunate situation has just come to your attention. A business critical application with
sensitive data running on-prem will run out of storage disk space in 24hrs. This business critical application is dependent a very large set of routes - required for integration with other system. You make a quick but well informed decision to migrate this application quickly to AWS. You are able to quickly launch a new VPC and within it equivalent infrastructure to re-home the application. In order to complete the replication of application data and ensure the application remains operational
beyond the next 24hrs, select the best implementation.

  • A. Within the new VPC - establish a Direct Connect connection with max 10Gbps port speed for data replicatio
  • B. Establish a 802.1Q VLAN and configure a Virtual Private Gateway and Private Virtual Interface, and ensure Jumbo Frames is enabled.
  • C. Within the new VPC - deploy a Virtual Private Gateway, Customer Gateway, and establish a new IPsec VPN Connection with BGP dynamic routing
  • D. Within the new VPC - deploy a Virtual Private Gateway, Customer Gateway, and establish a new IPsec VPN Connection with static routing, and ensure Jumbo Frames is enabled.
  • E. Within the new VPC - deploy a software based virtual router (for example a Cisco CSR). Configure with dual ENIs (external and internal), create and attach an EIP to the external ENI, Configure and setup IPsec VPN tunnels, and ensure Jumbo Frames is enabled.

Answer: B

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonVPC/latest/NetworkAdminGuide/GenericConfig.html

NEW QUESTION 26
......

P.S. DumpSolutions.com now are offering 100% pass ensure AWS-Certified-Advanced-Networking-Specialty dumps! All AWS-Certified-Advanced-Networking-Specialty exam questions have been updated with correct answers: https://www.dumpsolutions.com/AWS-Certified-Advanced-Networking-Specialty-dumps/ (76 New Questions)