ANS-C01試験の準備方法|信頼的なANS-C01問題トレーリング試験|正確的なAWS Certified Advanced Networking Specialty Exam日本語試験対策ほとんどの時間インターネットにアクセスできない場合、どこかに行く必要がある場合はオフライン状態ですが、ANS-C01試験のために学習したい場合。心配しないでください、私たちの製品はあなたの問題を解決するのに役立ちます。最新のANS-C01試験トレントは、能力を強化し、試験に合格し、認定を取得するのに非常に役立つと確信しています。嫌がらせから抜け出すために、ANS-C01学習教材は高品質で高い合格率を備えています。だから、今すぐ行動しましょう! ANS-C01クイズ準備を使用してください。 Amazon AWS Certified Advanced Networking Specialty Exam 認定 ANS-C01 試験問題 (Q32-Q37):質問 # 32
A company has workloads that run in a VPC. The workloads access Amazon S3 by using an S3 gateway endpoint. The company also has on-premises workloads that need to access Amazon S3 privately over a VPN connection. The company has established the VPN connection to the VPC.
Which solution will provide connectivity to Amazon S3 from the VPC workloads and the on-premises workloads in the MOST operationally efficient way?
A. Deploy a proxy fleet of Amazon EC2 instances in the VPC behind an Application Load Balancer (ALB). Configure the on-premises workloads to use the ALB as the proxy server to connect to Amazon S3. Configure the proxy fleet to use the S3 gateway endpoint to connect to Amazon S3.
B. Set up an AWS Direct Connect connection. Create a public VIF. Configure on-premises routing to route the S3 traffic over the public VIF. Make no changes to the on-premises workloads. Continue to use the S3 gateway endpoint for the VPC workloads to access Amazon S3.
C. Create an S3 interface endpoint. Configure an on-premises DNS resolver to resolve the S3 DNS names to the private IP addresses of the S3 interface endpoint. Use the S3 interface endpoint to access Amazon S3. Continue to use the S3 gateway endpoint for the VPC workloads to access Amazon S3.
D. Delete the S3 gateway endpoint. Create an S3 interface endpoint. Deploy a proxy fleet of Amazon EC2 instances in the VPC behind an Application Load Balancer (ALB).
Configure the on-premises workloads to use the ALB as the proxy server to connect to Amazon S3. Configure the proxy fleet and the VPC workloads to use the S3 interface endpoint to connect to Amazon S3.
正解:C
解説:
The correct solution is to use an S3 interface endpoint and an on-premises DNS resolver. An S3 interface endpoint allows you to access Amazon S3 using private IP addresses within your VPC. An on-premises DNS resolver can be configured to forward the DNS queries for the S3 domain names to the S3 interface endpoint, so that the on-premises workloads can access Amazon S3 privately over the VPN connection. This solution is operationally efficient, as it does not require any additional infrastructure or changes to the existing workloads. The VPC workloads can continue to use the S3 gateway endpoint, which provides lower latency and higher throughput than the S3 interface endpoint.
質問 # 33
In AWS, which tool records API calls for a specific AWS account and also delivers the log files for that account?
Response:
A. Beanstalk
B. CloudTrail
C. Cognito
D. Redshift
正解:B
質問 # 34
A two-tier application has an Elastic Load Balancing (ELB) load balancer configured in front of the application tier that is driven via RESTful interfaces. The data tier uses RDS MySQL. The company's new policies require end-to-end encryption of all data in transit.
How will you configure this requirement?
Response:
A. Configure the ELB with a TCP listener. Configure the application instances for SSL termination.
Configure RDS for SSL, and use REQUIRE SSL grants
B. Configure the ELB with SSL protocol. Offload encryption of application instance to the load balancer.
Install your SSL/TLS certificate on Amazon RDS, and configure SSL
C. Configure HTTPS as the ELB load balancer protocol. Offload application instance encryption to the load balancer. Install your SSL certificate on Amazon RDS, and configure SSL
D. Configure the ELB load balancer with an HTTP listener. Configure the application instances for SSL termination. Configure Amazon RDS for SSL, and use REQUIRE SSL grants
正解:A
質問 # 35
Which type of firewall dynamically allows return traffic?
Response:
A. Network ACL
B. Security Group
C. Stateless Firewall
正解:B
質問 # 36
You are auditing an AWS infrastructure after you noticed some abnormal charges on the bill. You use AWS Config to monitor your changes. What else is required to find out who made the change?
Response:
A. Use the eventID of the change and reference it with CloudWatch to find the culprit.
B. Use the eventID of the change and reference it with your Flow Logs.
C. Use the eventId of the change and reference it with CloudTrail to find the culprit.
D. There is no information to find this. You will need to sign up for Config Premium.