Free Practice Amazon ANS-C01 Exam Questions 2025

Stay ahead with 100% Free AWS Certified Advanced Networking Specialty ANS-C01 Dumps Practice Questions

Page: 1 / 47

Total 232 Questions | Updated On: Feb 12, 2025

Add To Cart

Question 1

A company deployed its production Amazon VPC using CIDR block 33.16.0.0/16. The company has nearly depleted its addresses and now needs to extend the VPC network.

Which CIDR blocks meet the company's requirement to extend the VPC network with a secondary CIDR? (Choose two.)

A : 33.17.0.0/16

B : 172.16.0.0/18

C : 100.70.0.0/17

D : 192.168.1.0/24

E : 10.0.0.0/8

Answer: A,C

Question 2

A company uses AWS Direct Connect to connect its corporate network to multiple VPCs in the same AWS account and the same AWS Region. Each VPC uses its own private VIF and its own virtual LAN on the Direct Connect connection. The company has grown and will soon surpass the limit of VPCs and private VIFs for each connection. What is the MOST scalable way to add VPCs with on-premises connectivity?

A : Provision a new Direct Connect connection to handle the additional VPCs. Use the new connection to connect additional VPCs.

B : Create virtual private gateways for each VPC that is over the service quota. Use AWS Site-to-Site VPN to connect the virtual private gateways to the corporate network.

C : Create a Direct Connect gateway, and add virtual private gateway associations to the VPCs. Configure a private VIF to connect to the corporate network.

D : Create a transit gateway, and attach the VPCs. Create a Direct Connect gateway, and associate it with the transit gateway. Create a transit VIF to the Direct Connect gateway.

Answer: D

Question 3

A company has an application running on Amazon EC2 instances in a VPC The application must publish custom metrics to Amazon CloudWatch in the same AWS Region The metrics include proprietary information All connectivity must be over private IP addresses.

Which solution will meet these requirements'?

A : Connect to CloudWatch through a NAT gateway

B : Connect to CloudWatch through a gateway endpoint

C : Connect to CloudWatch through an internet gateway

D : Connect to CloudWatch through an interface endpoint

Answer: D

Question 4

A company wants to enforce a compliance requirement that its Amazon EC2 instances use only on-premises DNS servers tor name resolution Outbound DNS requests lo all other name servers must be denied. A network engineer configures the following set of outbound rules for a security group.

Other-Image-27ab13157-f384-454f-8031-3b5776e261be

The network engineer discovers that the EC2 instances are still able to resolve DNS requests by using Amazon DNS servers inside the VPC Why is the solution tailing to meet the compliance requirement9

A : The security group cannot filter outbound traffic to the Amazon DNS servers

B : The security group must have inbound rules to prevent DNS requests from coming back to EC2 instances.

C : The EC2 instances are using the HTTPS port to send DNS queries to Amazon DNS servers

D : The security group cannot filter outbound traffic to destinations within the same VPC

Answer: A

Question 5

A Network Engineer is designing a system on AWS that will leverage Amazon CloudFront for content caching and for protecting the underlying origin. The security team has flagged a concern of a probable attack on the origin server IP addresses, despite it being served by CloudFront.

Suggest a solution that provides the strongest level of protection to the origin server?

A : Configure CloudFront to use a custom header and configure an AWS WAF rule on the origin’s Application Load Balancer to accept only traffic that contains that header

B : Configure Origin Access Identity(OAI) on the origin server, which will only allow requests originating from CloudFront

C : Configure private access to content by using special CloudFront signed URLs or signed cookies

D : Configure an AWS Lambda@Edge function to validate that the traffic to the Application Load Balancer originates from CloudFront

Answer: A

Page: 1 / 47

Total 232 Questions | Updated On: Feb 12, 2025

Add To Cart