Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 21 discussion

A company’s network engineer needs to design a new solution to help troubleshoot and detect network anomalies. The network engineer has configured Traffic Mirroring. However, the mirrored traffic is overwhelming the Amazon EC2 instance that is the traffic mirror target. The EC2 instance hosts tools that the company’s security team uses to analyze the traffic. The network engineer needs to design a highly available solution that can scale to meet the demand of the mirrored traffic.
Which solution will meet these requirements?

  • A. Deploy a Network Load Balancer (NLB) as the traffic mirror target. Behind the NLB, deploy a fleet of EC2 instances in an Auto Scaling group. Use Traffic Mirroring as necessary.
  • B. Deploy an Application Load Balancer (ALB) as the traffic mirror target. Behind the ALB, deploy a fleet of EC2 instances in an Auto Scaling group. Use Traffic Mirroring only during non-business hours.
  • C. Deploy a Gateway Load Balancer (GLB) as the traffic mirror target. Behind the GLB, deploy a fleet of EC2 instances in an Auto Scaling group. Use Traffic Mirroring as necessary.
  • D. Deploy an Application Load Balancer (ALB) with an HTTPS listener as the traffic mirror target. Behind the ALB, deploy a fleet of EC2 instances in an Auto Scaling group. Use Traffic Mirroring only during active events or business hours.
Suggested Answer: A 🗳️

Comments

Cheam
Highly Voted 1 year, 1 month ago
Selected Answer: A
Another tricky question, and consider the wording in the answer choices - "as the traffic mirror target". I have selected A because the NLB is a valid mirror target, but the GWLB is not (Answer C). Yes, comments supporting Answer C say that GWLB must also mean/include GWLB-E. Then you have two valid answers to the question where you can only select one. Therefore, it is A for me. Ref: https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-targets.html All the best.
upvoted 17 times
...
dremm
Highly Voted 1 year, 5 months ago
Selected Answer: C
C) Makes more sense for the updated exam, GWLB is relatively new. Read the release post for GWLB - https://aws.amazon.com/about-aws/whats-new/2022/05/amazon-vps-traffic-mirroring-supports-sending-mirrored-traffic-gateway-load-balancer-backed-monitoring-appliances/ "This helps simplify the monitoring of network traffic across AWS accounts and VPCs in a highly scalable and operationally efficient manner by removing routing complexity and operational overhead."
upvoted 14 times
...
btech24
Most Recent 2 weeks ago
Answer is A, Gateway Load Balancer is not a valid traffic mirror target. There are 3 valid traffic mirror endpoints: 1. Network Interface 2. Network Load Balancer 3. Gateway Load Balancer endpoints. Ref: https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-targets.html
upvoted 3 times
...
AlirezaNetWorld
3 weeks, 1 day ago
The right answer is C without any doubts...
upvoted 1 times
...
kourosh
4 months, 3 weeks ago
Selected Answer: A
A is the correct answer: https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-targets.html
upvoted 1 times
...
Jonalb
5 months, 1 week ago
Selected Answer: A
A is correct!
upvoted 1 times
...
Raphaello
5 months, 2 weeks ago
Selected Answer: A
I'd go with A. Valid traffic mirror targets include "GWLB ENDPOINTS"... for this, I'd go with A.
Traffic mirror target concepts: A traffic mirror target is the destination for mirrored traffic. You can use the following resources as traffic mirror targets:
  • Network interfaces of type interface
  • Network Load Balancers
  • Gateway Load Balancer endpoints <<<<
https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-targets.html
upvoted 1 times
...
patanjali
6 months, 2 weeks ago
Selected Answer: A
GWLB can't be the answer, as you will need a firewall behind GWLB which understands GENEVE. The simple and best solution is to use NLB with a TCP/UDP listener.
upvoted 1 times
...
ogrefighter
6 months, 2 weeks ago
Selected Answer: A
GLB operates at Layer 3. NLB operates at Layer 4 -- so an NLB cannot be directly the target of GLB. Simplest answer is A https://aws.amazon.com/compare/the-difference-between-the-difference-between-application-network-and-gateway-load-balancing/#:~:text=An%20NLB%20operates%20on%20layer,on%20ports%20and%20IP%20addresses.
upvoted 1 times
...
Marfee400704
7 months, 1 week ago
I think that the correct answer is A according to SPOTO products.
upvoted 1 times
...
marfee
7 months, 2 weeks ago
I think that the correct answer is A.
upvoted 1 times
...
AmSpOkE
7 months, 2 weeks ago
Selected Answer: A
Answer is A, as GWLB (which could be a good answer) is not a valid target for mirroring.
upvoted 2 times
...
Snape
8 months, 1 week ago
Selected Answer: A
Options B and D involve ALB, which is suited for web applications and layer 7 traffic. In this scenario, the primary goal is to handle mirrored traffic, therefore NLB is a better fit. Option C: GLB is designed for different use cases and doesn't make sense here.
upvoted 1 times
...
Suresh108
9 months ago
Voting CCCCCCCC https://aws.amazon.com/blogs/networking-and-content-delivery/introduction-to-traffic-mirroring-to-gwlb-endpoints-as-target/
upvoted 1 times
ChinkSantana
7 months, 3 weeks ago
Correct: Amazon VPC Traffic Mirroring now supports sending mirrored traffic to Gateway Load Balancer backed monitoring appliances
upvoted 1 times
...
...
Arad
10 months, 4 weeks ago
Selected Answer: A
B and D are not correct and ALB cannot be used as target of mirroring. C is not correct because GWLB is to be used in front of 3rd party appliances like Palo Alto Firewalls, not EC2 instances. A is the only option which makes sense and is correct.
upvoted 2 times
alejo232425
10 months, 2 weeks ago
The EC2 instance hosts tools that the company’s security team uses to analyze the traffic. - that sounds like third party tools otherwise they would mention what apps.
upvoted 1 times
...
...
task_7
10 months, 4 weeks ago
Selected Answer: A
NLB good choice if you have multiple EC2 instances that can analyze mirrored traffic. GLB Network analysis tools are virtual appliances
upvoted 2 times
...
AWS_Exam_Enjoyer
11 months, 2 weeks ago
No, you cannot use AWS Gateway Load Balancer directly on an Amazon EC2 instance. AWS Gateway Load Balancer is designed to balance traffic across multiple network resources such as Virtual Private Gateways (VGWs) and Direct Connect Gateways, not EC2 instances.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted