AWS Certified Advanced Networking – Specialty SET 1

Welcome to AWS Certified Advanced Networking - Specialty Set 1.

Please enter your email details to get QUIZ Details on your email id.

Click on Next Button to proceed.

1. You organization is using a single EC2 instance for a ticketing system and its related traffic. This custom application has been installed on a Linux based instance. Which of the following implementation can help achieve higher bandwidth for the ticketing system and its traffic?
2. You have a launch a new web application in a VPC that requires SSL mutual client side authentication using embedded AES encrypted chips. You have setup a classic load balancer listener and have a requirement to support mutual authentication between the client and the application. Which of the following protocol must you setup on the load balancer listener?
3. Which of the following are default AWS routing behaviours?
4. Your team is planning to use a CloudFront distribution and use S3 as an origin. You want to ensure compliance by making sure the S3 bucket that the origin is associated with is not accessible from the public internet, but you still want to serve the content via CloudFront. How can you do this?
5. How many client VPN tunnels can an AWS VPN Connection support?
6. Which of the following VPN solutions can support OpenVPN? (Choose 2)
7. How many IPSec security associations can AWS VPN Connections support?
8. True or false: Customers need to create two or more AWS VPN connections to ensure minimum availability.
9. You have recently been approached by another team member asking your advice on implement the DevOps practice of blue/green deployments. Which of the following strategies will allow you to have blue/green deployments?
10. What ports should be open on a firewall to allow a Customer Gateway to establish VPN connectivity? (Choose 2)
11. As a network engineer you are in charge of adding and remove rules to a particular security group associated with some of the IPv4 resources your team is managing. You are making an API call to add a particular inbound rule and receiving the following error back: RulesPerSecurityGroupLimitExceeded. What is the reason and solution for this error?
12. You have decided to peer two VPCs that are located in the same region but in different accounts. VPC A and VPC B. A team of developers are using VPC A to perform heart beat checks on servers in VPC B. The servers in VPC B are being pinged by their public DNS name provided by the DHCP server in VPC B. The developers are having issues performing the heart beat checks. Which of the follow could be the reasons for the issues? (Choose 3)
13. You work for a company who has a need to send large amounts of data that will be ingested by S3. The data that is ingested must be encrypted on transfer and this ingestion process will happen on a regular interval. What can we do to accomplish this?
14. You have multiple EC2 instances within a VPC that is located in us-west-2. You have been notified by another team member that these instances need to have optimal networking performance. These instance are communicating with other instances in other VPCs located in us-east-1 through VPC peering. Which of the following options are appropriate when ensuring the maximum network performance? (Choose 2)
15. You have been tasked with investigating and congregating all of the requests that are dropped when users try to access your EC2 application. What is the most cost effective and least effort solution your can use to gather this information?
16. A VGW is peered to two BGP border routers in the same autonomous system. The AS administration wants to configure BGP prefixes so that traffic from AWS to on-prem will be sent to only one of the two border routers instead the other router. The AS administration also wants these configuration changes to be passed on to other BGP autonomous systems that are also peered to the VGW. Which BGP attribute or property should be modified to achieve the desired result?
17. Which of the following are true about Network Access Control Lists? (Choose 4)
18. You are working in Route 53 and you need to create a record so your team can point at existing domain name to a CloudFront distribution. What type of record can be created to achieve this?
19. What is the name of the AWS feature that allows VGWs to automatically advertise learned routes over all connections that support dynamic routing?
20. You have created an application load balancer to host your team's web facing application. The marketing team has recently purchased a domain name that they want you to use to serve out the application from. Both website links of and need to point to the same location. What can you do to properly make this work?
21. You are reviewing the architecture for a current setup where a VPC endpoint has been created to access S3 data privately within a VPC. The default endpoint policy is in place, and when trying to access the bucket, your access is denied. What can be done to solve this issue?
22. What can you do to stop sending traffic to resources with a weighted routing policy?
23. You are setting up an target group for a network load balancer with a target type of instances. Which type of health check protocols are supported when the load balancer is performance health checks on the target instances? (Choose 3)
24. Which of the following are true about Security Groups? (Choose 4)
25. The global BGP system is divided into different administrative units called _______ .

Leave a Reply

Your email address will not be published. Required fields are marked *