All About High Value ANS-C00 Exam Dumps

NEW QUESTION 1
You are your company’s AWS cloud architect. You have created a VPC topology that consists of 3
VPCs. You have a centralised VPC (VPC-Shared) that provides shared services to the remaining 2 departmental dedicated VPCs (VPC-Dept1 and VPC-Dept2). The centralised VPC is VPC peered to both of the departmental VPCs, that is a VPC peering connection exists between VPC-Shared and VPC-Dept1, and a VPC peering connection exists between VPC-Shared and VPC-Dept2. Select the correct option from the list below.

• A. Network traffic is possible between VPC-Shared instances and VPC-Dept1 and VPC-Dept2 instances as long as the appropriate routes and security groups are in place, but only for communication that is initiated from VPC1-Shared instances as the default peering bi-directional communication flag has been disabled.
• B. Instances within VPC-Dept1 can communicate directly with instances in VPC-Shared, as long as the appropriate routes and security groups are in place, and vice versa regardless of who initiates communication
• C. All network communication remains blocked between all VPCs until the respective peering bidirectional communication flags are set to the appropriate setting that allows traffic to flow.
• D. Network traffic is possible between VPC-Shared instances and VPC-Dept1 and VPC-Dept2 instances as long as the appropriate routes and security groups are in place, but only for communication that is initiated from VPC1-Shared instances as the default peering bi-directional communication flag has been enabled.

Answer: B

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/peering-configurations-partialaccess. html#one-to-two-vpcs-instances

NEW QUESTION 2
When using AWS Config, which two items are stored on S3 as a part of its operation?

• A. Configuration Items and Configuration History
• B. Configuration Recorder and Configuration Snapshots
• C. Configuration History and Configuration Snapshots
• D. Configuration Snapshots and Configuration Streams

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/config-concepts.html#config-items

NEW QUESTION 3
You would like to automate the monitoring of changes in the configurations of your AWS resources and respond programmatically to configurations of only a certain type. To do this, you could use Amazon ______ as the endpoint for the Amazon SNS topics that generate messages from AWS Config.

• A. Kinesis
• B. Simple Email Service (SES)
• C. Simple Storage Service (S3)
• D. Simple Queue Service (SQS)

Answer: D

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/monitor-resource-changes.html

NEW QUESTION 4
You have many IAM users with the ability to create EC2 volumes. Most of the data your team works with is sensitive, so you would like to make sure all volumes are encrypted. How might you facilitate this requirement?

• A. Create an AWS KMS policy and attach it to all IAM users that can create EC2 volumes
• B. Use AWS Config and create a rule that requires all volumes, upon creation, be encrypted.
• C. Use AWS Config to send out reminders to IAM users every time they create an EC2 volume.
• D. Set EC2 to notify creators to encrypt their EC2 volume

Answer: B

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html

NEW QUESTION 5
What is the maximum number of CloudTrails that you can create per AWS region?

• A. 10
• B. 2
• C. 16
• D. 5

Answer: D

Explanation:
Reference:
https://aws.amazon.com/cloudtrail/faqs/

NEW QUESTION 6
Which endpoint is considered to be best practise when analysing data within a Configuration Stream of AWS Config?

• A. SNS
• B. E-Mail
• C. SQS
• D. Kinesis

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/monitor-resource-changes.html

NEW QUESTION 7
In AWS, which tool records API calls for a specific AWS account and also delivers the log files for that account?

• A. CloudTrail
• B. Redshift
• C. Beanstalk
• D. Cognito

Answer: A

Explanation:
Reference:
https://aws.amazon.com/cloudtrail/

NEW QUESTION 8
Which other AWS service is used to track ‘Related Events’ within the Configuration Item?

• A. AWS WAF
• B. SQS
• C. AWS CloudTrail
• D. S3

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#configitem- table

NEW QUESTION 9
A user is having data generated randomly based on a certain event. The user wants to upload that data to CloudWatch. It may happen that event may not have data generated for some period due to randomness. Which of the below mentioned options is a recommended option for this case?

• A. For the period when there is no data, the user should not send the data at all
• B. The user must upload the data to CloudWatch as having no data for some period will cause an error at CloudWatch monitoring
• C. For the period when there is no data the user should send the value as 0
• D. For the period when there is no data the user should send a blank value

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html

NEW QUESTION 10
You can use the _____ command of the AWS Config service CLI to see the compliance state of each resource that AWS Config evaluates for a specific rule.

• A. describe-compliance-by-resource
• B. describe-compliance-by-config-rule
• C. get-compliance-details-by-config-rule
• D. get-compliance-details-by-config-rule

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_view-compliance.html

NEW QUESTION 11
Imagine you are using AWS Direct Connect with just one connection from your router to the AWS Direct Connect router. If your connection becomes unavailable, the communication with AWS cloud is lost. What is the best method to prevent this from happening?

• A. AWS Direct Connect neither provides BGP nor provides the failover.
• B. AWS Direct Connect recommends to have the same configuration set up in a multi AZ zone to prevent such loss in connections.
• C. AWS Direct Connect recommends that you request and configure two dedicated connections to AWS either using BGP Multipath (Active/Active) connection or the failover (Active/Passive) connection.
• D. AWS Direct connect does not have a provision to prevent the situation but when you design the system, it is recommended to request a back-up instance to which the traffic can be re-routed.

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/directconnect/latest/UserGuide/getstarted.html#RedundantConnectio ns

NEW QUESTION 12
In the context of Amazon CloudFront Actions, you use the ______ when specifying APIs in IAM policies.

• A. object names
• B. class names
• C. entity names
• D. action names

Answer: D

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/UsingWithIAM.html

NEW QUESTION 13
What service is used to store the log files generated by CloudTrail?

• A. EC2
• B. EBS
• C. S3
• D. VPC

Answer: C

Explanation:
Reference: https://aws.amazon.com/cloudtrail/

NEW QUESTION 14
Convert the following IPv4 address in presented in binary form, into dotted decimal form 10101100.01111011.00001101.10011101

• A. 172.123.13.157
• B. 173.13.13.157
• C. 172.122.13.15
• D. 172.124.13.57

Answer: A

Explanation:
Reference:
https://en.wikipedia.org/wiki/IPv4

NEW QUESTION 15
A user is trying to send custom metrics to CloudWatch using the PutMetricData APIs. Which of the below mentioned points should the user needs to take care while sending the data to CloudWatch?

• A. The size of a request is limited to 128KB for HTTP GET requests and 64KB for HTTP POST requests
• B. The size of a request is limited to 40KB for HTTP GET requests and 8KB for HTTP POST requests
• C. The size of a request is limited to 16KB for HTTP GET requests and 80KB for HTTP POST requests
• D. The size of a request is limited to 8KB for HTTP GET requests and 40KB for HTTP POST requests

Answer: D

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.ht ml

NEW QUESTION 16
Which statement is NOT true about accessing remote AWS region in the US by your AWS Direct Connect which is located in the US?

• A. To connect to a VPC in a remote region, you can use a virtual private network (VPN) connection over your public virtual interface.
• B. To access public resources in a remote region, you must set up a public virtual interface and establish a border gateway protocol (BGP) session.
• C. If you have a public virtual interface and established a BGP session to it, your router learns the routes of the other AWS regions in the US.
• D. Any data transfer out of a remote region is billed at the location of your AWS Direct Connect data transfer rate.

Answer: D

Explanation:
Reference:
http://docs.aws.amazon.com/directconnect/latest/UserGuide/remote_regions.html

NEW QUESTION 17
Fill in the blanks: One of the basic characteristics of security groups for your VPC is that you ______ .

• A. can specify allow rules, but not deny rules
• B. can specify deny rules, but not allow rules
• C. can specify allow rules as well as deny rules
• D. can neither specify allow rules nor deny rules

Answer: A

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html

NEW QUESTION 18
Which of the following statements is true of AWS Elastic Beanstalk?

• A. AWS Elastic Beanstalk uses CloudWatch for monitoring and alarms, meaning CloudWatch costs are applied to your AWS account for any alarms that you use.
• B. AWS Elastic Beanstalk uses CloudWatch for monitoring and alarms, and both are free of charge.
• C. AWS Elastic Beanstalk doesn't use CloudWatch for monitoring and alarms, but you pay extra for any AWS Elastic Beanstalk Alarm you set in the monitoring tool.
• D. AWS Elastic Beanstalk has its own free-of-charge monitoring tool, and you are not charged for the alarm you set.

Answer: A

Explanation:
Reference:
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.alarms.html

NEW QUESTION 19
Which AWS service is used within an AWS Config Rule to perform the logic evaluation of that rule?

• A. Inspector
• B. WAF
• C. Lambda
• D. SWF

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules_nodejssample. html

NEW QUESTION 20
Each custom AWS Config rule you create must be associated with a(n) AWS _____ , which contains the logic that evaluates whether your AWS resources comply with the rule.

• A. Lambda function
• B. Configuration trigger
• C. EC2 instance
• D. S3 bucket

Answer: A

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html

NEW QUESTION 21
When an AWS Config rule is triggered a JSON object known as an AWS Config Event is created. This object contains another JSON string in its _____ parameter, which describes the event that
triggered the rule.

• A. resultToken
• B. eventLeftScope
• C. invokingEvent
• D. configRuleName

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_developrules_ example-events.html

NEW QUESTION 22
Which of the following characters is not allowed while creating a Namespace for a CloudWatch metric?

• A. /
• B. :
• C. #
• D. @

Answer: D

Explanation:
Reference:
http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.ht ml

NEW QUESTION 23
Which of the following physical layer standards is required for connection to AWS Direct Connect over a standard 1 gigabit or 10 gigabit Ethernet fiber-optic cable?

• A. Single mode fiber, 1000BASE-LX for 1 gigabit Ethernet, or 10GBASE-ER for 10 gigabit Ethernet
• B. Multi mode fiber, 1000BASE-LX for 1 gigabit Ethernet, or 10GBASE-ER for 10 gigabit Ethernet
• C. Single mode fiber, 1000BASE-LX for 1 gigabit Ethernet, or 10GBASE-LR for 10 gigabit Ethernet
• D. Multi mode fiber, 1000BASE-SX for 1 gigabit Ethernet, or 10GBASE-SR for 10 gigabit Ethernet

Answer: C

Explanation:
Reference:
http://docs.aws.amazon.com/directconnect/latest/UserGuide/Welcome.html

NEW QUESTION 24
......