Free AWS-Certified-Advanced-Networking-Specialty Exam Braindumps

You are configuring a virtual interface for access to your VPC on a newly provisioned 1-Gbps AWS Direct Connect connection. Which two configuration values do you need to provide? (Select two.)

1. A. Public AS number
2. B. VLAN ID
3. C. IP prefixes to advertise
4. D. Direct Connect location
5. E. Virtual private gateway

Correct Answer: BE
References: https://aws.amazon.com/directconnect/faqs/

An organization is migrating its on-premises applications to AWS by using a lift-and-shift approach, taking advantage of managed AWS services wherever possible. The company must be able to edit the application code during the migration phase. One application is a traditional three-tier application, consisting of a web presentation tier, an application tier, and a database tier. The external calling client applications need their sessions to remain sticky to both the web and application nodes that they initially connect to.
Which load balancing solution would allow the web and application tiers to scale horizontally independent from one another other?

1. A. Use an Application Load Balancer at the web tier and a Classic Load Balancer at the application tie
2. B. Set session stickiness on both, but update the application code to create an application-controlled cookie on the Classic Load Balancer.
3. C. Use an Application Load Balancer at both the web and application tiers, setting session stickiness at the target group level for both tiers.
4. D. Deploy a web node and an application node as separate containers on the same host, using task linking to create a relationship between the pai
5. E. Add an Application Load Balancer with session stickiness in front of all web node containers.
6. F. Use a Network Load Balancer at the web tier, and an Application Load Balancer at the application tier.Enable session stickiness on the Application Load Balancer, but take advantage of the native WebSockets protocols available to the Network Load Balancer.

Correct Answer: A

An organization will be extending its existing on-premises infrastructure into the cloud. The design consists of a transit VPC that contains stateful firewalls that will be deployed in a highly available configuration across two Availability Zones for automatic failover.
What MUST be configured for this design to work? (Select two.)

1. A. A different Autonomous System Number (ASN) for each firewall.
2. B. Border Gateway Protocol (BGP) routing
3. C. Autonomous system (AS) path prepending
4. D. Static routing
5. E. Equal-cost multi-path routing (ECMP)

Correct Answer: BC
https://docs.aws.amazon.com/solutions/latest/cisco-based-transit-vpc/appendix-a.html

An organization is using a VPC endpoint for Amazon S3. When the security group rules for a set of instances were initially configured, access was restricted to allow traffic only to the IP addresses of the Amazon S3 API endpoints in the region from the published JSON file. The application was working properly, but now is logging a growing number of timeouts when connecting with Amazon S3. No internet gateway is configured for the VPC.
Which solution will fix the connectivity failures with the LEAST amount of effort?

1. A. Create a Lambda function to update the security group based on AmazonIPSpaceChanged notifications.
2. B. Update the VPC routing to direct Amazon S3 prefix-list traffic to the VPC endpoint using the route tableAPIs.
3. C. Update the application server’s outbound security group to use the prefix-list for Amazon S3 in the same region.
4. D. Create an additional VPC endpoint for Amazon S3 in the same route table to scale the concurrent connections to Amazon.

Correct Answer: C
https://aws.amazon.com/blogs/aws/subscribe-to-aws-public-ip-address-changes-via-amazon-sns/

An insurance company is planning the migration of workloads from its on-premises data center to the AWS Cloud The company requires end-to-end domain name resolution Bidirectional DNS resolution between AWS
and the existing on-premises environments must be established The workloads will be migrated into multiple VPCs. The workloads also have dependencies on each other, and not all the workloads will be migrated at the same time
Which solution meets these requirements? Which solution meets these requirements?

1. A. Configure a private hosted zone for each application VPC, and create the requisite records Create a set of Amazon Route 53 Resolver inbound and outbound endpoint In an egress VPC Define Route 53 Resolver rules to forward requests for the on-premises domains to the on-premises DNS resolver Associate the application VPC private hosted zones with the egress VPC and share the Route 53 Resolver rules with the application accounts by using AWS Resource Access Manage
2. B. Configure the on premises DNS servers to forward the cloud domains to the Route 53 inbound endpoint.
3. C. Configure a public hosted zone for each application VPC and create the requisite records Create a set of Amazon Route 53 Resolver Inbound and outbound endpoints in an egress VP
4. D. Define Route 53 Resolver rules to forward requests for the on-premises domains to the on-premises DNS resolver Associate the application VPC private hosted zones with the egress VPC and share the Route 53 Resolver rules with the application accounts by using AWS Resource Access Manager Configure the on-premises DNS servers to forward the cloud domains to the Route 53 inbound endpoints.
5. E. Configure a private hosted zone for each application VPC, and create the requisite records Create a set of Amazon Route 53 Resolver inbound and outbound endpoints in an egress VPC Define Route 53 Resolver rules to forward requests for the on-premises domains to the on-premises DNS resolve
6. F. Associate the application VPC private hosted zones with the egress VPC and share the Route 53 Resolver rules with the application accounts by using AWS Resource Access Manage
7. G. Configure the on-premises DNS servers to forward the cloud domains to the Route 53 outbound endpoint.
8. H. Configure a private hosted zone for each application VPC, and create the requisite records Create a set of Amazon Route 53 Resolver inbound and outbound endpoints in an egress VPC Define Route 53 Resolver rules to forward requests for the on-premises domains to the on-premises DNS resolver Associate the Route 53 outbound rules with the application VPCs and share the private hosted zones with the application accounts by using AWS Resource Access Manager Configure the on-premises DNS servers to forward the cloud domains to the Route 53 inbound endpoint.

Correct Answer: B