ANS-C01 Exam Questions
305 real ANS-C01 exam questions with expert-verified answers and explanations. Page 2 of 7.
- Question #51 Networking
A company is planning to use Amazon S3 to archive financial data. The data is currently stored in an on-premises data center. The company uses AWS Direct Connect with a Direct Conn...
AWS Direct Connect, Transit Gateway, S3 Private Access, IPsec VPN
- Question #52 Troubleshoot Network Issues
A company has deployed a web application on AWS. The web application uses an Application Load Balancer (ALB) across multiple Availability Zones. The targets of the ALB are AWS Lamb...
ALB access logs, Amazon S3, Amazon Athena, Log analysis
- Question #53
A company is creating new features for its ecommerce website. These features will use several microservices that are accessed through different paths. The microservices will run on...
Application Load Balancer, X-Forwarded-For header, HTTPS termination, Path-based routing
- Question #54
A company hosts a web application on Amazon EC2 instances behind an Application Load Balancer (ALB). The ALB is the origin in an Amazon CloudFront distribution. The company wants t...
CloudFront, Lambda@Edge, Token Validation, Custom Authentication
- Question #55
A company's network engineer is designing a hybrid DNS solution for an AWS Cloud workload. Individual teams want to manage their own DNS hostnames for their applications in their d...
Route 53 Resolver, Private Hosted Zones, Hybrid DNS resolution, On-premises DNS integration
- Question #56 Design and implement hybrid network architectures
A company has its production VPC (VPC-A) in the eu-west-1 Region in Account 1. VPC-A is attached to a transit gateway (TGW-A) that is connected to an on-premises data center in Dub...
AWS Transit Gateway, AWS Direct Connect, Direct Connect Gateway, TGW Peering
- Question #57 Manage and optimize network operations
A company has deployed an application in a VPC that uses a NAT gateway for outbound traffic to the internet. A network engineer notices a large quantity of suspicious network traff...
VPC Flow Logs, CloudWatch Logs, CloudWatch Contributor Insights, Network Traffic Monitoring
- Question #58 Design and implement hybrid network architectures
A network engineer is designing a hybrid architecture that uses a 1 Gbps AWS Direct Connect connection between the company's data center and two AWS Regions: us-east-1 and eu-west-...
AWS Direct Connect, Transit VIF, Hybrid Connectivity, Multi-Region Networking
- Question #59 Hybrid Connectivity
A company uses AWS Direct Connect to connect its corporate network to multiple VPCs in the same AWS account and the same AWS Region. Each VPC uses its own private VIF and its own v...
AWS Direct Connect scalability, Transit Gateway, Direct Connect Gateway, Hybrid networking
- Question #60
A company recently migrated its Amazon EC2 instances to VPC private subnets to satisfy a security compliance requirement. The EC2 instances now use a NAT gateway for internet acces...
NAT Gateway, TCP Keepalive, Network Troubleshooting, Idle Timeout
- Question #61 Manage Network Operations
A company deploys a new web application on Amazon EC2 instances. The application runs in private subnets in three Availability Zones behind an Application Load Balancer (ALB). Secu...
ALB session stickiness, ALB target group, Web application troubleshooting
- Question #62
A company is running multiple workloads on Amazon EC2 instances in public subnets. In a recent incident, an attacker exploited an application vulnerability on one of the EC2 instan...
Amazon GuardDuty, Threat Detection, Network Monitoring, VPC Flow Logs
- Question #63
A company has two AWS accounts: one for Production and one for Connectivity. A network engineer needs to connect the Production account VPC to a transit gateway in the Connectivity...
Transit Gateway, Cross-account sharing, AWS RAM, VPC attachment
- Question #64 Network Design
A company plans to deploy a two-tier web application to a new VPC in a single AWS Region. The company has configured the VPC with an internet gateway and four subnets. Two of the s...
S3 Gateway Endpoint, VPC private routing, S3 Interface Endpoint, Network cost optimization
- Question #65 Design and Implement Network Architecture
A network engineer needs to set up an Amazon EC2 Auto Scaling group to run a Linux-based network appliance in a highly available architecture. The network engineer is configuring t...
EC2 Auto Scaling, Launch Templates, Elastic Network Interfaces, BYOIP
- Question #66 Continuous Improvement for Existing Solutions
A company is hosting an application on Amazon EC2 instances behind a Network Load Balancer (NLB). A solutions architect added EC2 instances in a second Availability Zone to improve...
AWS NLB, NLB Availability Zones, Load balancer routing, High availability configuration
- Question #67 Security
A media company is implementing a news website for a global audience. The website uses Amazon CloudFront as its content delivery network. The backend runs on Amazon EC2 Windows ins...
CloudFront SSL Configuration, ALB HTTPS Listeners, AWS Certificate Manager, EC2 Instance SSL
- Question #68 Network Design
Your organization has a newly installed 1-Gbps AWS Direct Connect connection. You order the cross-connect from the Direct Connect location provider to the port on your router in th...
Direct Connect, router requirements, 802.1Q VLAN, BGP peering
- Question #69 Infrastructure Security
Your security team implements a host-based firewall on all of your Amazon Elastic Compute Cloud (EC2) instances to block all outgoing traffic. Exceptions must be requested for each...
EC2 instance metadata, host firewall rules, outbound connectivity
- Question #70 Design and Implement Hybrid Network Architectures
A customer has set up multiple VPCs for Dev, Test, Prod, and Management. You need to set up AWS Direct Connect to enable data flow from on-premises to each VPC. The customer has mo...
AWS Direct Connect, VPC Peering, Hybrid Cloud Networking, Network Cost Optimization
- Question #71 Network Design
Your company runs an application for the US market in the us-east-1 AWS region. This application uses proprietary TCP and UDP protocols on Amazon Elastic Compute Cloud (EC2) instan...
Route 53, Latency-based Routing, Global Infrastructure, DNS
- Question #72 Network Security
You deploy an Amazon EC2 instance that runs a web server into a subnet in a VPC. An Internet gateway is attached, and the main route table has a default route (0.0.0.0/0) configure...
Network ACLs, Security Groups, EC2 Networking, Ephemeral Ports
- Question #73 Design Network Solutions for AWS
An organization launched an IPv6-only web portal to support IPv6-native mobile clients. Front-end instances launch in an Amazon VPC associated with an appropriate IPv6 CIDR. The V...
VPC secondary IPv4 CIDR, Subnet creation, EC2 instance addressing, IPv6 VPC
- Question #74 Design and Implement Hybrid Connectivity
An organization is replacing a tape backup system with a storage gateway. There is currently no connectivity to AWS. Initial testing is needed. What connection option should the or...
AWS Storage Gateway, Hybrid Connectivity, AWS Network Connectivity, Cost Optimization
- Question #75
All IP addresses within a 10.0.0.0/16 VPC are fully utilized with application servers across two Availability Zones. The application servers need to send frequent UDP probes to a s...
NAT gateway, NAT gateway port exhaustion, VPC Internet egress, UDP traffic
- Question #76
An organization is using a VPC endpoint for Amazon S3. When the security group rules for a set of instances were initially configured, access was restricted to allow traffic only t...
VPC Endpoint S3, Security Group outbound rules, AWS Prefix List, Network connectivity troubleshooting
- Question #77 Design and Implement Hybrid Network Architectures
A bank built a new version of its banking application in AWS using containers that connect to an on-premises database over a VPN connection. This application version requires users t...
Application Load Balancer, Content-based routing, Hybrid cloud networking, Application versioning
- Question #78 Design and Implement Hybrid Connectivity
A company is deploying a non-web application on an AWS load balancer. All targets are servers located on-premises that can be accessed by using AWS Direct Connect. The company want...
Network Load Balancer, Proxy Protocol, Source IP preservation, Direct Connect
- Question #79
An AWS CloudFormation template is being used to create a VPC peering connection between two existing operational VPCs, each belonging to a different AWS account. All necessary comp...
VPC Peering, CloudFormation, VPC Routing, Cross-account networking
- Question #80
A Network Engineer is provisioning a subnet for a load balancer that will sit in front of a fleet of application servers in a private subnet. There is limited IP space left in the...
AWS Network Load Balancer, AWS Application Load Balancer, IP Subnetting, VPC IP Management
- Question #81 Optimize network costs
A company is migrating its containerized application to AWS. For the architecture the company will have an ingress VPC with a Network Load Balancer (NLB) to distribute the traffic...
VPC peering, Transit Gateway, Data transfer costs, VPC connectivity
- Question #82 Troubleshoot Network Issues
A company has stateful security appliances that are deployed to multiple Availability Zones in a centralized shared services VPC. The AWS environment includes a transit gateway tha...
Transit Gateway, TGW Appliance mode, Shared Services VPC, Multi-AZ routing
- Question #83
Your organization leverages an IP Address Management (IPAM) product to manage IP address distribution. The IPAM exposes an API. Development teams use CloudFormation to provision ap...
CloudFormation custom resources, AWS Lambda, API integration, IPAM
- Question #84 Design and Implement Advanced Network Architectures
A company has hundreds of Amazon EC2 instances that are running in two production VPCs across all Availability Zones in the us-east-1 Region. The production VPCs are named VPC A an...
AWS Transit Gateway, TGW Appliance Mode, Inter-VPC routing, Network Firewall
- Question #85
A development team is building a new web application in the AWS Cloud. The main company domain, example.com, is currently hosted in an Amazon Route 53 public hosted zone in one of...
Route 53 DNS Delegation, Public Hosted Zones, Cross-Account DNS, Subdomain Management
- Question #86 Secure Network Connections
A company wants to use thin clients running virtual desktops to replace 500 desktop computers used by its call center employees. The company is evaluating Amazon WorkSpaces as a so...
Amazon WorkSpaces, WorkSpaces connectivity, Firewall rules, Network troubleshooting
- Question #87 Troubleshoot Network Issues
A network engineer deploys an application in a private subnet in a VPC that connects to many external video feed providers using RTMP over the internet. A NAT gateway has been depl...
AWS NAT Gateway, Packet fragmentation, MTU, Network troubleshooting
- Question #88 Network Security
A network architect is designing an internet website. It has web, application, and database tiers that will run in AWS. The website uses Amazon DynamoDB. Which architecture will mi...
VPC architecture, Private subnets, Application Load Balancer (ALB), Network security
- Question #89 Network Design
An architecture is being designed to support an Amazon WorkSpaces deployment of 1,000 desktops. Which architecture will support this deployment while allowing for future expansion?
Amazon WorkSpaces, VPC sizing, Subnetting, Network scaling
- Question #90 Design and Implement Hybrid Network Architectures
An organization's Security team has a requirement that all data leaving its on-premises data center be encrypted at the network layer and use dedicated connectivity. There is also...
AWS Direct Connect, IPsec VPN, VPC Flow Logs, Hybrid connectivity
- Question #91
A company has an application running on Amazon EC2 instances in a private subnet that connects to a third-party service provider's public HTTP endpoint through a NAT gateway. As re...
AWS NAT Gateway, Network Troubleshooting, CloudWatch Metrics, Network Scaling
- Question #92 Network Design
An application runs on a fleet of Amazon EC2 instances in a VPC. All instances can reach one another using private IP addresses. The application owner has a new requirement that th...
DHCP Option Sets, VPC Design, VPC Peering
- Question #93 Design and Implement DNS Solutions
DNS name resolution must be provided for services in the following four zones: company.private. emea.company.private. apac.company.private. amer.company.private. The contents of th...
Route 53 Private Hosted Zone, Private DNS, VPC DNS Resolution, DNS Architecture
- Question #94 Network Design
An organization wants to process sensitive information using the Amazon EMR service. The information is stored in on-premises databases. The output of processing will be encrypted...
EMR Networking, NAT Gateway, Hybrid Connectivity, S3 Encryption
- Question #95 Design and Implement Hybrid Connectivity
You have a global corporate network with 153 individual IP prefixes in your internal routing table. You establish a private virtual interface over AWS Direct Connect to a VPC that...
Direct Connect, BGP configuration, Route summarization, VGW routing
- Question #96 Network Design
You are building an application that provides real-time audio and video services to customers on the Internet. The application requires high throughput. To ensure proper audio and...
EC2 Enhanced Networking, Network Performance, Low Latency, High Throughput
- Question #97
Your organization requires strict adherence to a change control process for its Amazon Elastic Compute Cloud (EC2) and VPC environments. The organization uses AWS CloudFormation as...
AWS CloudFormation, AWS Config, AWS SNS, Configuration drift detection
- Question #98 Network Security
You have multiple Amazon Elastic Compute Cloud (EC2) instances running a web server in a VPC configured with security groups and NACL. You need to ensure layer 7 protocol level log...
VPC Flow Logs, Network traffic logging, EC2 networking, Traffic monitoring
- Question #99 Network Security
A Network Engineer is designing a new system on AWS that will take advantage of Amazon CloudFront for both content caching and for protecting the underlying origin. There is concer...
CloudFront origin protection, Custom headers, AWS WAF, Direct origin access prevention
- Question #100 Design and Implement Hybrid Connectivity
A network engineer is managing two AWS Direct Connect connections. Each connection has a public virtual interface configured with a private ASN. The engineer wants to configure act...
Direct Connect BGP, BGP Local Preference, BGP prefix advertising, Active/passive routing