ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Advanced Networking - Specialty ANS-C01 All Questions

View all questions & answers for the AWS Certified Advanced Networking - Specialty ANS-C01 exam
Go to Exam

Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 89 discussion

Exam question from Amazon's AWS Certified Advanced Networking - Specialty ANS-C01
Question #: 89
Topic #: 1
[All AWS Certified Advanced Networking - Specialty ANS-C01 Questions]

A company uses a 1 Gbps AWS Direct Connect connection to connect its AWS environment to its on-premises data center. The connection provides employees with access to an application VPC that is hosted on AWS. Many remote employees use a company-provided VPN to connect to the data center. These employees are reporting slowness when they access the application during business hours. On-premises users have started to report similar slowness while they are in the office.

The company plans to build an additional application on AWS. On-site and remote employees will use the additional application. After the deployment of this additional application, the company will need 20% more bandwidth than the company currently uses. With the increased usage, the company wants to add resiliency to the AWS connectivity. A network engineer must review the current implementation and must make improvements within a limited budget.

What should the network engineer do to meet these requirements MOST cost-effectively?

  • A. Set up a new 1 Gbps Direct Connect dedicated connection to accommodate the additional traffic load from remote employees and the additional application. Create a link aggregation group (LAG).
  • B. Deploy an AWS Site-to-Site VPN connection to the application VPC. Configure the on-premises routing for the remote employees to connect to the Site-to-Site VPN connection.
  • C. Deploy Amazon Workspaces into the application VPInstruct the remote employees to connect to Workspaces.
  • D. Replace the existing 1 Gbps Direct Connect connection with two new 2 Gbps Direct Connect hosted connections. Create an AWS Client VPN endpoint in the application VPC. Instruct the remote employees to connect to the Client VPN endpoint.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by tom_cat at May 2, 2023, 6:37 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
tom_cat
Highly Voted 1 year, 9 months ago
Selected Answer: D
A) If current 1 Gbps Direct Connect is not enough for on-premises users adding another 1 Gbps Direct Connect will not add resiliency. In case of one Direct Connect link failure there will be not enough bandwidth. Especially with new app and increased by 20% usage. B) No resiliency. In case of VPN S2S failure 1 Gbps Direct connect won't be sufficient for on-premises and remote users. C) Very expensive D) Should work. In case of one link failure single 2 Gbps Direct Connect hosted connection will be sufficient to handle all the traffic for on-premises users. Remote users will connect by AWS client VPN directly to VPC.
upvoted 9 times
ChinkSantana
1 year, 1 month ago
With the increased usage, the company wants to add resiliency to the AWS connectivity. A network engineer must review the current implementation and must make improvements within a limited budget. Based on this requirement... B should be the answer
upvoted 4 times
...
...
takecoffe
Highly Voted 1 year, 8 months ago
Selected Answer: B
deploying an AWS Site-to-Site VPN connection and configuring on-premises routing for remote employees would be the most cost-effective solution while meeting the company's requirements for increased bandwidth and resiliency.
upvoted 7 times
...
dspd
Most Recent 1 day, 11 hours ago
Selected Answer: B
Not A for sure - AWS Direct Connect LACP (Link Aggregation Control Protocol) does not work on 1 Gbps dedicated connections Even B is not good from resiliency... so ideally not all the answers are correct.... B is closest
upvoted 1 times
...
46f094c
1 month, 1 week ago
Selected Answer: A
D is the most expensive... 4Gb BW plus VPN-client service In B there is no resiliency, it only says to re-route remote users through the S2S, not on-prem users too. C out So has to be A
upvoted 2 times
...
AzureDP900
1 month, 1 week ago
The most cost-effective solution would be: Option B . Deploying an AWS Site-to-Site VPN connection to the application VPC. Configuring on-premises routing for remote employees to connect to the Site-to-Site VPN connection. This option provides a more cost-effective solution by leveraging the existing 1 Gbps Direct Connect connection and using the same infrastructure. Adding a new connection would be too expensive, whereas deploying an AWS Site-to-Site VPN connection is a more efficient use of resources. The other options are not correct because: Option A involves setting up a new direct connect link which will increase the cost. Option C introduces Amazon Workspaces which may add an additional layer of complexity and also incur costs.
upvoted 1 times
...
Spaurito
3 months, 1 week ago
A - This is the better and most cost effective solution. You're not changing the architecture just increasing performance. You can use multiple connections to increase available bandwidth. A link aggregation group (LAG) is a logical interface that uses the Link Aggregation Control Protocol (LACP) to aggregate multiple connections at a single AWS Direct Connect endpoint, allowing you to treat them as a single, managed connection. LAGs streamline configuration because the LAG configuration applies to all connections in the group. https://docs.aws.amazon.com/directconnect/latest/UserGuide/lags.html
upvoted 1 times
...
VerRi
4 months, 2 weeks ago
Selected Answer: B
A) The bandwidth of DX is 1Gbps, which is also a bottleneck, creating a LAG can speed up On-premises to Global Acceleration Location only, it won't help to provide better performance. B) correct. C) ??? D) It provides more bandwidth but is expensive
upvoted 2 times
...
AlirezaNetWorld
5 months, 1 week ago
A is the best answer
upvoted 1 times
...
seochan
8 months, 2 weeks ago
Selected Answer: A
I don't understand why B should be the answer. The company is already using DX connection; there is no benefit even if you no longer use the existing DX connection. Just adding one more DX connection and aggregating via LAG would solve this problem cost-effectively. I know establishing an S2S connection has a lower initial cost, but it only makes sense when you use both of the connections (DX and S2S).
upvoted 2 times
...
Marfee400704
12 months ago
I think that it's correct answer is A according to SPOTO products.
upvoted 1 times
...
GaryQian
1 year ago
Selected Answer: B
Vote for B. The vpn is cheap compared with other options
upvoted 5 times
...
michele_scar
1 year ago
Selected Answer: B
Is the more cost-effectively solution. You already have a DX for user who needs AWS App; with the Site-to-site ONLY for the newest application you can use 1.25Gb in plus for that application and still continue using the old DX for others. Replacing 1 DX with 2 DX + AWS Client VPC should be very more expensive than 1 Site-to-site
upvoted 5 times
...
jorgesoma
1 year ago
Unclear correct answer. Please, provide correct answer.
upvoted 1 times
...
Vogd
1 year, 1 month ago
Selected Answer: A
A only. It adds one Dx only. As per https://docs.aws.amazon.com/directconnect/latest/UserGuide/lags.html D) invalid as DX can be 1,10 and 100GB, not 2GB, plus unlike A it asks for 2Dx hosted connections to be created, which is more expensive. B) wrong since site to site vpn limit is 1.25GBbps. Company already uses 1 Gbps and its not enough and expect 20% increase in the future https://aws.amazon.com/vpn/faqs/#:~:text=A%3A%20Each%20AWS%20Site%2Dto,of%20up%20to%201.25%20Gbps. C) remote employees still need to connect, so it does not solve anything.
upvoted 3 times
...
Arad
1 year, 3 months ago
Selected Answer: B
I think among all these options, B is the most cost-effective solution which provides both resiliency and 20% more capacity.
upvoted 5 times
...
Tofu13
1 year, 5 months ago
Selected Answer: B
DX & S2S VPN is a common low-budget solution that is resilient. https://docs.aws.amazon.com/vpn/latest/s2svpn/disaster-recovery-resiliency.html https://docs.aws.amazon.com/whitepapers/latest/aws-vpc-connectivity-options/aws-direct-connect-site-to-site-vpn.html
upvoted 6 times
...
Cheam
1 year, 6 months ago
Selected Answer: D
The answers for this question are awful. Firstly, HOSTED Direct Connect is far more expensive than DEDICATED Direct Connect, then you have to pay to use AWS Client VPN solution - not the MOST cost-effective! But only answer D will still be able to meet that +20% bandwidth requirement if one of the Direct Connect lines fails (resiliency) as there's no bandwidth contention between on-prem and remote-access users. Gosh, what a tough one! All the best.
upvoted 1 times
Spaurito
3 months, 2 weeks ago
Issue with Option D is is you're going from 1 Gbps to 4 Gbps. "two new 2 Gbps Direct Connect hosted". If it was another 1 Gbps DX would make more sense.
upvoted 1 times
...
mrt261
11 months, 3 weeks ago
Option D suggests replacing the existing Direct Connect connection with two new 2 Gbps connections, which could be more expensive and may not be necessary for the company's requirements. Additionally, setting up a Client VPN endpoint may incur additional costs and complexity.
upvoted 2 times
...
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago