Amazon AWS-Certified-Advanced-Networking-Specialty Free Practice Questions

NEW QUESTION 1
In Amazon CloudFront, you cannot configure CloudFront to process cookies for _____.

• A. HTTPS web distributions
• B. Web and RTMP distributions
• C. RTMP distributions
• D. HTTP web distributions

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html

NEW QUESTION 2
In Amazon CloudFront, which of the following is true of Smooth Streaming?

• A. It is a Microsoft format for streaming of media files.
• B. It is a CloudFront format for streaming of media files in RTMP distribution.
• C. It is the Adobe format for streaming of media files.
• D. It is a CloudFront format for streaming of media files in web distributio

Answer: A

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/on-demand-streamingsmooth. html

NEW QUESTION 3
Which of the following characters is not allowed while creating a Namespace for a CloudWatch metric?

• A. /
• B. :
• C. #
• D. @

Answer: D

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.ht ml

NEW QUESTION 4
Which statement is NOT true about accessing remote AWS region in the US by your AWS Direct Connect which is located in the US?

• A. To connect to a VPC in a remote region, you can use a virtual private network (VPN) connection over your public virtual interface.
• B. To access public resources in a remote region, you must set up a public virtual interface and establish a border gateway protocol (BGP) session.
• C. If you have a public virtual interface and established a BGP session to it, your router learns the routes of the other AWS regions in the US.
• D. Any data transfer out of a remote region is billed at the location of your AWS Direct Connect data transfer rate.

Answer: D

Explanation:
Reference:
http://docs.aws.amazon.com/directconnect/latest/UserGuide/remote_regions.html

NEW QUESTION 5
Select the VPC Peering statement below that is NOT true

• A. VPC peering supports transitive peering relationships for IPv6 traffic but not IPv4
• B. VPC peering can be performed between VPCs in different AWS accounts in the same region
• C. TCP connections can be performed between peered VPCs
• D. UDP connections can be performed between peered VPCs

Answer: A

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/vpc-peering-basics.html#vpcpeering- limitations

NEW QUESTION 6
A user is having data generated randomly based on a certain event. The user wants to upload that data to CloudWatch. It may happen that event may not have data generated for some period due to randomness. Which of the below mentioned options is a recommended option for this case?

• A. For the period when there is no data, the user should not send the data at all
• B. The user must upload the data to CloudWatch as having no data for some period will cause an error at CloudWatch monitoring
• C. For the period when there is no data the user should send the value as 0
• D. For the period when there is no data the user should send a blank value

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html

NEW QUESTION 7
To connect to public AWS products such as Amazon EC2 and Amazon S3 through the AWS Direct Link, which step is NOT required?

• A. Provide public IP address (/31) for each Border Gateway Protocol (BGP) session.
• B. Allocate a Private IP address to your network in 172.x.x.x range.
• C. Provide the public routes that you will advertise over Border Gateway Protocol (BGP).
• D. Provide a public Autonomous System Number (ASN) that you own or a private one to identify your network on the Internet.

Answer: B

Explanation:
Reference:
http://docs.aws.amazon.com/directconnect/latest/UserGuide/Welcome.html

NEW QUESTION 8
When using AWS Config, which two items are stored on S3 as a part of its operation?

• A. Configuration Items and Configuration History
• B. Configuration Recorder and Configuration Snapshots
• C. Configuration History and Configuration Snapshots
• D. Configuration Snapshots and Configuration Streams

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/config-concepts.html#config-items

NEW QUESTION 9
For ____ distributions, CloudFront does not cache cookies in edge caches.

• A. AMI
• B. Web
• C. RTMP
• D. Web and RTMP

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html

NEW QUESTION 10
Which CloudWatch attributes are used for the statistics generation?

• A. All the options are used
• B. Dimension
• C. Data point unit
• D. NameSpace

Answer: A

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html

NEW QUESTION 11
Which service is used by default to store the CloudTrail log files?

• A. Elastic Block Store (EBS)
• B. Redshift
• C. Simple Storage Service (S3)
• D. Glacier

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-working-with-log-files.html

NEW QUESTION 12
Which element of AWS Config can be used to help maintain internal and external compliance controls?

• A. Configuration Item
• B. Configuration Recorder
• C. Configuration Streams
• D. Config Rules

Answer: D

Explanation:
Reference:
https://aws.amazon.com/config/

NEW QUESTION 13
After setting an AWS Direct Connect, which of the following cannot be done with an AWS Direct Connect Virtual Interface?

• A. You can delete a virtual interface; if its connection has no other virtual interfaces, you can delete the connection.
• B. You can change the region of your virtual interface.
• C. You can create a hosted virtual interface.
• D. You can exchange traffic between the two ports in the same region connecting to different Virtual Private Gateways (VGWs) if you have more than one virtual interface.

Answer: D

Explanation:
Reference:
http://docs.aws.amazon.com/directconnect/latest/UserGuide/WorkingWithVirtualInterfaces.html

NEW QUESTION 14
You are your company’s AWS cloud architect. You have created a VPC topology that consists of 3
VPCs. You have a centralised VPC (VPC-Shared) that provides shared services to the remaining 2 departmental dedicated VPCs (VPC-Dept1 and VPC-Dept2). The centralised VPC is VPC peered to both of the departmental VPCs, that is a VPC peering connection exists between VPC-Shared and VPC-Dept1, and a VPC peering connection exists between VPC-Shared and VPC-Dept2. Select the correct option from the list below.

• A. Network traffic is possible between VPC-Shared instances and VPC-Dept1 and VPC-Dept2 instances as long as the appropriate routes and security groups are in place, but only for communication that is initiated from VPC1-Shared instances as the default peering bi-directional communication flag has been disabled.
• B. Instances within VPC-Dept1 can communicate directly with instances in VPC-Shared, as long as the appropriate routes and security groups are in place, and vice versa regardless of who initiates communication
• C. All network communication remains blocked between all VPCs until the respective peering bidirectional communication flags are set to the appropriate setting that allows traffic to flow.
• D. Network traffic is possible between VPC-Shared instances and VPC-Dept1 and VPC-Dept2 instances as long as the appropriate routes and security groups are in place, but only for communication that is initiated from VPC1-Shared instances as the default peering bi-directional communication flag has been enabled.

Answer: B

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/peering-configurations-partialaccess. html#one-to-two-vpcs-instances

NEW QUESTION 15
What does the term "statistics" mean with respect to CloudWatch metrics?

• A. Time of a metric collection
• B. Data aggregation over a specific period of time
• C. Status of a metric
• D. Unit of a metric

Answer: B

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.ht ml#Statistic

NEW QUESTION 16
When an AWS Config rule is triggered a JSON object known as an AWS Config Event is created. This object contains a(n) _____ attribute, which is a JSON-formatted set of key/value pairs the receiving AWS Lambda function processes as part of its evaluation logic.

• A. invokingEvent
• B. mappingTemplate
• C. ruleConfiguration
• D. inputParameters

Answer: D

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_developrules_ example-events.html

NEW QUESTION 17
In AWS Direct Connect, which of the following is true of configuring your router to connect to the AWS Direct Connect router?

• A. After creating a virtual interface for your AWS Direct Connect connection, you can download the router configuration file from the available link
• B. After Completing the Cross Connect step, the download link for router configuration will be available
• C. After submitting your AWS Direct Connect connection request, you will receive the router configuration details by email within 72 hours
• D. In Create a Virtual Interface step, the general configuration of your router would be available for downloading.

Answer: A

Explanation:
Reference:
http://docs.aws.amazon.com/directconnect/latest/UserGuide/getstarted.html#routerconfig

NEW QUESTION 18
Imagine you are using AWS Direct Connect with just one connection from your router to the AWS Direct Connect router. If your connection becomes unavailable, the communication with AWS cloud is lost. What is the best method to prevent this from happening?

• A. AWS Direct Connect neither provides BGP nor provides the failover.
• B. AWS Direct Connect recommends to have the same configuration set up in a multi AZ zone to prevent such loss in connections.
• C. AWS Direct Connect recommends that you request and configure two dedicated connections to AWS either using BGP Multipath (Active/Active) connection or the failover (Active/Passive) connection.
• D. AWS Direct connect does not have a provision to prevent the situation but when you design the system, it is recommended to request a back-up instance to which the traffic can be re-routed.

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/directconnect/latest/UserGuide/getstarted.html#RedundantConnectio ns

NEW QUESTION 19
You can use the _____ command of the AWS Config service CLI to see the compliance state of each resource that AWS Config evaluates for a specific rule.

• A. describe-compliance-by-resource
• B. describe-compliance-by-config-rule
• C. get-compliance-details-by-config-rule
• D. get-compliance-details-by-config-rule

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_view-compliance.html

NEW QUESTION 20
In AWS Direct Connect, to provide for failover, AWS recommends that you request and configure two dedicated connections to AWS.
These connections can terminate on one or two routers in your network. You can do this while _____ with AWS Direct Connect step.

• A. creating a Virtual Interface
• B. configuring redundant connections
• C. completing the cross-connect
• D. verifying your Virtual Interface

Answer: B

Explanation:
Reference:
http://docs.aws.amazon.com/directconnect/latest/UserGuide/getstarted.html#RedundantConnectio ns

NEW QUESTION 21
In Amazon CloudFront, to link to your objects, if your domain name is d111111abcdef8.cloudfront.net and your object is image.jpg, then the URL for the link in your webpage will be ______.

• A. http://d111111abcdef8.cloudfront.net/images/image.jpg
• B. http://d111111abcdef8.dns/images/image.jpg
• C. http://d111111abcdef8.dns/image.jpg
• D. http://d111111abcdef8.cloudfront.net/image.jpg

Answer: D

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/GettingStarted.html

NEW QUESTION 22
The IPsec protocol suite is made up of various components covering aspects such as confidentiality, encryption, and integrity. Select the correct statement below regarding the correct configuration options for ensure IPsec confidentiality:

• A. The following protocols may be used to configure IPsec confidentiality, DES, 3DES, MD5
• B. The following protocols may be used to configure IPsec confidentiality, DES, 3DES, AES
• C. The following protocols may be used to configure IPsec confidentiality, PSK, RSA
• D. The following protocols may be used to configure IPsec confidentiality, PSK, MD5
• E. The following protocols may be used to configure IPsec confidentiality, PSK, RSA

Answer: B

Explanation:
Reference:
https://en.wikipedia.org/wiki/IPsec

NEW QUESTION 23
Use _____ to get more visibility into the health of your AWS Elastic Beanstalk application and take appropriate actions in case of hardware failure or performance degradation.

• A. Amazon Elastic Beanstalk command line
• B. Amazon EC2 log files
• C. Amazon CloudWatch
• D. Amazon Load balancing

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.concepts.design.html

NEW QUESTION 24
......