AWS ANS-C00 Certified Advanced Networking Speciality Exam Set 6

The current web application is hosted by a number of EC2 instances, which is placed behind a load balancer application. All safety groups and NaCl has taken place security measures. What an extraordinary measure to ensure blocking attacks of malicious P DDS addresses


Options are :

  • You should invest in AWS Shield in front of the service Application Load balancer
  • You should place the WAF in front of the service Application Load balancer (Correct)
  • Consider the more restrictive rules to the network ACL
  • You should invest in AWS service Private Link to Application Front Load balancer
  • None

Answer : You should place the WAF in front of the service Application Load balancer

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 8

The company is hosted on AWS EC2 Instance. This hosted application to EC2 Instance. Nowadays, this application is currently under a number of issues. You need to inspect network packets to see what ty error that occurs? Which steps below may help to solve this problem?


Options are :

  • Use the VPC Flow Logs.
  • Used in other cases. Setup port open ModeA Y and sniff the traffic to analyze packets
  • Use the Cloud to view metric
  • None
  • Use the online tool provided by mentioning AWS partner. (Correct)

Answer : Use the online tool provided by mentioning AWS partner.

You can plan the formation of clouds in models used in the provision of infrastructure in your company account. This is the primary way in which resources can be created. In addition to the formation of clouds company wants to get automatic alerts if other resources to get created. 3 Select a service from the list below, which may help to achieve this?


Options are :

  • AWS Config (Correct)
  • cloud formation
  • Cloud watch Logs
  • Simple Notification Service
  • ops work
  • AWS Lrrbd (Correct)

Answer : AWS Config AWS Lrrbd

You have the EC2 Instance, which is responsible for processing a lot of video and audio. There is a requirement to ensure maximum performance EC2 Instance, when it comes to handling the packet network. How can this be achieved? Select 2 response options below


Options are :

  • Make sure your MTU is set to 9001 for the VPC
  • Choose t2.medlum example, type
  • Make sure your MTU is set to 9001 instance (Correct)
  • To ensure that, for example, supports a rotor I / O virtualization (Correct)

Answer : Make sure your MTU is set to 9001 instance To ensure that, for example, supports a rotor I / O virtualization

AWS Solutions Architect - Associate SAA-C01 Practice Exams Set 11

You have to setup the EC2 instance that hosts the web application. You have set the following rules Security group o rules allow incoming traffic on port 80 from 0.0.0.0/0 No Deny Outbound traffic No NaCl allow incoming traffic on port 80 from 0.0.0.0/0 No Deny outgoing traffic users complain that they can not access the web server. How can we ensure that the problem gets resolved?


Options are :

  • Outbound traffic is allowed NaCl port 80
  • Allow Outgoing traffic protection groups gate 80
  • None
  • Allow Outgoing traffic protection for short-term groups of ports
  • Outbound traffic is allowed NaCl for short-term ports (Correct)

Answer : Outbound traffic is allowed NaCl for short-term ports

You have a set of EC2 Cases VPC. You must be optimal network operation in these cases. In these cases, speaking second instances via the VPC VPC peering. Which of the following should be carried out to maximize network performance? Select 2 response options below.


Options are :

  • Enable Enhanced networking Instances (Correct)
  • Set the MTU moments of 9001
  • Make sure that the operating system will support deeper networking (Correct)
  • Create two availability zones in cases of primary VPC and place them in a placement group

Answer : Enable Enhanced networking Instances Make sure that the operating system will support deeper networking

Team has setup a testing environment using the VPC and the EC2 instances. The application is currently being hosted in these cases. Some housekeeping scripts developed using AWS Ec2 these instances, EBS volumes in their respective Lambda who need to remove moles. What is the first assembly, which should be introduced?


Options are :

  • Make sure to use --vpc- conflg creating EC2, for example,
  • VPC is to ensure access to the route to the Lambda function
  • None
  • Secure Internet Gateway is attached to the VPC
  • In order to ensure the creation of uses AWS VPC -config Lambda function (Correct)

Answer : In order to ensure the creation of uses AWS VPC -config Lambda function

AWS DVA-C01 Certified Developer Associate Practice Exam Set 7

You have been working to create a VPN connection between AWS and on-premise infrastructure. You have created a Virtual Private customer gateway and gateway. You need to make sure the firewall rules are on your side. Which of the following would you like to configure? Select 2 response options below?


Options are :

  • UDP port 500 (Correct)
  • UDP port SO
  • TCP port SO
  • IP protocol 50 (Correct)
  • P protocol 5
  • TCP port SOO

Answer : UDP port 500 IP protocol 50

The company is AWS Direct Connect data link from VPC on the premises place. Which of the following can be used as a backup incase the Direct Connect connection is interrupted for some reason? Select 2 response options below?


Options are :

  • Setup the secondary Direct Connect connection.
  • It is not necessary to determine this will fall back to secondary AWS Direct Connect connection towards the SLA.
  • VPN connection (Correct)
  • Setup peering connection (Correct)

Answer : VPN connection Setup peering connection

You have a team that is trying to swallow the information Amazon 53. They are trying to swallow a large 1TB of data, for example. Improved Networking has enabled, for example. But the data ingestion process is the Quiz's still running slowly. What can be done to fix the problem?


Options are :

  • Consider two cases and by dividing the consumption data (Correct)
  • Create a VPC endpoint, for example, 53
  • VPN, for example, S3
  • None
  • To use AWS Direct Connect connection S3, and the instance

Answer : Consider two cases and by dividing the consumption data

AWS Solutions Architect - Associate SAA-C01 Practice Exams Set 15

You currently have 9 EC2 instances running a placement group. All of these 9 instances originally launched at the same time and seem to be performing as expected. You decide that you need to add 2 new cases of the group; However, when you try to do this, you receive an error capacity. Which of the following measures likely to remedy this problem? Choose the correct answer from the choices below to select:


Options are :

  • None
  • Make sure that all cases are the same size, and try to start again.
  • Stop and restart the cases have been Placement group and try to start again. (Correct)
  • Make a new Placement Group and the launch of new cases of the new group. Make sure that the placement groups are on the same subnet.
  • Ask for a lifting capacity of the AWS as you at first be limited to 10 cases per Placement Group.

Answer : Stop and restart the cases have been Placement group and try to start again.

You have a business premises application that needs access to the Simple Storage Service. Some of the main requirements are a high bandwidth connection, low jitter and high availability. Which of the following do you consider an alternative design?


Options are :

  • Please use the public Internet to use S3 service
  • Using AWS Direct Connect with the public VIF (Correct)
  • Using IPSec VPN access Virtual Private Gateway
  • Using AWS Direct Connect is a private VIF
  • None

Answer : Using AWS Direct Connect with the public VIF

Production team has created a Multi-AZ Amazon RDS instance. The application connects to, for example, via a custom DNS record. There was a case where the primary database does not exist, and the program can no longer connect to the database. What should be done to make this same thing does not happen in the future?


Options are :

  • Make sure that the primary database is quickly replaced with a secondary
  • Make sure that the application is using the IP address of the primary database, for example,
  • None
  • Make sure that the application is using the IP address of a second database, for example,
  • Make sure that the application is using Amazon RDS host name (Correct)

Answer : Make sure that the application is using Amazon RDS host name

AWS Solutions Architect - Associate SAA-C01 Practice Exams Set 13

The company has the following Direct Connect and a VPN site connectivity - VPN 10.1.0.0/24 AS 65000 65000 Site B - VPN 10.1.0.252/30 AS 65000 Site C - Direct Connect 10.0.0.0/8 AS 65000 Site D - Direct Connect 10.0. 0.0 / 16 AS 65000 SI What AWS sites if they wish to access the network? SI Select:


Options are :

  • D site
  • website
  • site B (Correct)
  • site C
  • None

Answer : site B

Your team has created a model of cloud formation. It creates a VPC and subnet where the CIDR block 10.0.0.0/16 and you have created with another subnet with the VPC CIDR block 10.1.0.0/24. What happens when you try to install template?


Options are :

  • The model provides the design phase error
  • The model provides an error, and all of the resources will be returned back to (Correct)
  • The model provides an error when creating a subnet and leave the VPC created
  • None
  • The model successfully introduced

Answer : The model provides an error, and all of the resources will be returned back to

You have My SQL cluster that hosts the AWS. The nodes in the cluster currently working in the private IP addresses. It is a self-referencing security group that is used throughout the nodes in the cluster to obtain use. Now, the requirement to ensure disaster recovery across the region on these nodes. How you can achieve the communication nodes in different regions of safely?


Options are :

  • None
  • VPN IPSec tunnel. Make sure that the nodes in a different region to refer to groups of security for those assigned to nodes in the primary area
  • Use your public IP addresses and the use of SSL certificates for secure communication across nodes
  • Use private IP addresses for the nodes and the use of SSL certificates across secure communication nodes
  • VPN IPSec tunnel. Make sure that the nodes reference a different region of the VPC CIDR block their safety groups (Correct)

Answer : VPN IPSec tunnel. Make sure that the nodes reference a different region of the VPC CIDR block their safety groups

AWS DVA-C00 Certified Developer Associate Practice Exam Set 11

The company is planning the opening of AWS Direct Connect connection. They must ensure that their router has the necessary capabilities to support this connection. What must be supported by the router following. Select 3 response options below?


Options are :

  • BGP and BGP MDS authentication (Correct)
  • 802.1QVLAN (Correct)
  • 1 Gpbs copper interface
  • Single-mode fiber (Correct)

Answer : BGP and BGP MDS authentication 802.1QVLAN Single-mode fiber

Your team has created a model of cloud formation. The template consists of a virtual private gateway, client and gateway based VPN connection created objects. The models sometimes give errors because the routes are not added because the missing Virtual Private Gateway resource. How can you solve this?


Options are :

  • Change the order of the model creation capabilities
  • None
  • More VPGW depends on the attribute route table
  • Add your own resource subscription model, a route table
  • Add an attribute depends on the routing table entry is VPGW (Correct)

Answer : Add an attribute depends on the routing table entry is VPGW

You have to create your own VIF existing AWS Direct Connect connection. Which of the following is required during setup?


Options are :

  • VLAN (Correct)
  • a virtual gateway (Correct)
  • Prefixes to advertise
  • Peer public IP

Answer : VLAN a virtual gateway

AWS Develops Engineer Professional Practice Final File Exam Set 1

You are trying to diagnose the connection problem in Linux, for example. The instance is assigned a public IP and is a public subnet. You can also see that the internet gateway is attached, and route tables are in place. You bastion host SSH Instance. Then make LF config and see that the interface is not a public IP address. What should I do next check up on?


Options are :

  • None
  • Define P private interface
  • Check the security groups in the instance (Correct)
  • Specify the public IP interface
  • Determine the Elastic IP interface

Answer : Check the security groups in the instance

Your team will use NAT, for example, Linux on EC2 Instance. Private subnet route is added to the S 0.0.0.0/0 NAT Instance. This NAT is used to download updates from the Internet Instance of the cases, the private subnet. But IT administrators, who are responsible for applying the updates complain about slow response times. What can be done to fix this problem? Select 2 response options below


Options are :

  • Move NAT, for example, the private subnet to be closer to deposits
  • Add another NAT case. Add another route 0.0.0.0/0 a new NAT case
  • To compensate, for example, the NAT NAT gateway (Correct)
  • Update the NAT type, for example such as greater (Correct)

Answer : To compensate, for example, the NAT NAT gateway Update the NAT type, for example such as greater

You have VPC and EC2 Instances hosted subnet. You need to diagnose layer 7 traffic and see the accepted and rejected requests. Which of the following would help to meet this requirement?


Options are :

  • Installing IDS on each Instance
  • Enabling Cloud Trail
  • Enabling the VPC Flow Logs (Correct)
  • Using the Cloud Watch logs
  • None

Answer : Enabling the VPC Flow Logs

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 10

You've just setup the Amazon redshift cluster of tables and began to load the Copy command. You have noticed that the Internet is being used for copying data. You want to make sure that the internet is not used during copying. How can you achieve this?


Options are :

  • Make sure that the NaCl is set subnets hosting redshift cluster
  • To ensure the routing table shows the VPN instead of the Internet gateway
  • None
  • Ensure Enhanced VPC routing is enabled redshift cluster (Correct)
  • In order to ensure the safety of Groups is set to EC2 Instances hosting redshift cluster

Answer : Ensure Enhanced VPC routing is enabled redshift cluster

You AWS Admin team has created the AWS workspace. Users premise channel environment does not seem to have the ability to use AWS created workspaces. What could be the primary question the underling. Please choose:


Options are :

  • NACLS is AWS Workspaces do not allow incoming traffic
  • The company's firewall ports are not open
  • Security Groups AWS Workspaces do not allow outgoing traffic
  • AWS Workspaces is not created correctly. They have to be re-created (Correct)
  • None

Answer : AWS Workspaces is not created correctly. They have to be re-created

Which of the following is not true about the Amazon Cloud Front cache behavior?


Options are :

  • Forward query strings origin, and the cache is based on certain parameters in the query string.
  • Do not care about the origin of the query strings at all, then Cloud Front does not cache based on query parameters.
  • None
  • Forward query strings origin, and the cache memory of all the parameters in the query string.
  • For RTMP distributions, you can specify the Cloud Front to forward the query parameters to your origins. (Correct)

Answer : For RTMP distributions, you can specify the Cloud Front to forward the query parameters to your origins.

AWS SOA-C00 Certified Sys Ops Administrator Associate Exam Set 7

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions