Amazon ANS-C00 Dumps PDF ~ 100% Brilliant Results| Dumps4Download

Question: 1

Your organization’s corporate website must be available on www.acme.com and acme.com.

How should you configure Amazon Route 53 to meet this requirement?

A. Configure acme.com with an ALIAS record targeting the ELB. www.acme.com with an ALIAS record

targeting the ELB.

B. Configure acme.com with an A record targeting the ELB. www.acme.com with a CNAME record

targeting the acme.com record.

C. Configure acme.com with a CNAME record targeting the ELB. www.acme.com with a CNAME record

targeting the acme.com record.

D. Configure acme.com using a second ALIAS record with the ELB target. www.acme.com using a PTR

record with the acme.com record target.

Answer: A 

Question: 2

You are building an application in AWS that requires Amazon Elastic MapReduce (Amazon EMR). The

application needs to resolve hostnames in your internal, on-premises Active Directory domain. You

update your DHCP Options Set in the VPC to point to a pair of Active Directory integrated DNS servers

running in your VPC.

Which action is required to support a successful Amazon EMR cluster launch?

A. Add a conditional forwarder to the Amazon-provided DNS server.

B. Enable seamless domain join for the Amazon EMR cluster.

C. Launch an AD connector for the internal domain.

D. Configure an Amazon Route 53 private zone for the EMR cluster.

Answer: A

Question: 3

You have a three-tier web application with separate subnets for Web, Applications, and Database tiers.

Your CISO suspects your application will be the target of malicious activity. You are tasked with notifying

the security team in the event your application is port scanned by external systems.

Which two AWS Services cloud you leverage to build an automated notification system? (Select two.)

A. Internet gateway

B. VPC Flow Logs

C. AWS CloudTrail

D. Lambda

E. AWS Inspector

Answer: BD 

Question: 4

You are designing the network infrastructure for an application server in Amazon VPC. Users will access

all the application instances from the Internet and from an on-premises network. The on-premises

network is connected to your VPC over an AWS Direct Connect link.

How should you design routing to meet these requirements?

A. Configure a single routing table with two default routes: one to the Internet via an IGW, the other to

the on-premises network via the VGW. Use this routing table across all subnets in your VPC.

B. Configure two routing tables: one that has a default route via the IGW, and another that has a default

route via the VGW. Associate both routing tables with each VPC subnet.

C. Configure a single routing table with a default route via the IGW. Propagate a default route via BGP

on the AWS Direct Connect customer router. Associate the routing table with all VPC subnet.

D. Configure a single routing table with a default route via the IGW. Propagate specific routes for the

onpremises networks via BGP on the AWS Direct Connect customer router. Associate the routing table

with all VPC subnets.

Answer: D

Question: 5

Your organization uses a VPN to connect to your VPC but must upgrade to a 1-G AWS Direct Connect

connection for stability and performance. Your telecommunications provider has provisioned the circuit

from your data center to an AWS Direct Connect facility and needs information on how to cross-connect

(e.g., which rack/port to connect).

What is the AWS-recommended procedure for providing this information?

A. Create a support ticket. Provide your AWS account number and telecommunications company’s name

and where you need the Direct Connect connection to terminate.

B. Create a new connection through your AWS Management Console and wait for an email from AWS

with information.

C. Ask your telecommunications provider to contact AWS through an AWS Partner Channel. Provide

your

AWS account number.

D. Contact an AWS Account Manager and provide your AWS account number, telecommunications

company’s name, and where you need the Direct Connect connection to terminate.

Answer: B 

Question: 6

A multinational organization has applications deployed in three different AWS regions. These

applications must securely communicate with each other by VPN. According to the organization’s

security team, the VPN must meet the following requirements:

• AES 128-bit encryption

• SHA-1 hashing

• User access via SSL VPN

• PFS using DH Group 2

• Ability to maintain/rotate keys and passwords

• Certificate-based authentication

Which solution should you recommend so that the organization meets the requirements?

A. AWS hardware VPN between the virtual private gateway and customer gateway

B. A third-party VPN solution deployed from AWS Marketplace

C. A private MPLS solution from an international carrier

D. AWS hardware VPN between the virtual private gateways in each region

Answer: B 

Question: 7

A legacy, on-premises web application cannot be load balances effectively. There are both planned and

unplanned events that cause usage spikes to millions of concurrent users. The existing infrastructure

cannot handle the usage spikes. The CIO has mandated that the application be moved to the cloud to

avoid further disruptions, with the additional requirement that source IP addresses be unaltered to

support network traffic-monitoring needs. Which of the following designs will meet these

requirements?

A. Use an Auto Scaling group of Amazon EC2 instances behind a Classic Load Balancer.

B. Use an Auto Scaling group of EC2 instances in a target group behind an Application Load Balancer.

C. Use an Auto Scaling group of EC2 instances in a target group behind a Classic Load Balancer.

D. Use an Auto Scaling group of EC2 instances in a target group behind a Network Load Balancer.

Answer: D 

Fore more info :

https://www.dumps4download.com/ans-c00-dumps.html

https://dumps-study-material.blogspot.com/2020/10/google-com.html