ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Advanced Networking - Specialty ANS-C01 All Questions

View all questions & answers for the AWS Certified Advanced Networking - Specialty ANS-C01 exam
Go to Exam

Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 215 discussion

Exam question from Amazon's AWS Certified Advanced Networking - Specialty ANS-C01
Question #: 215
Topic #: 1
[All AWS Certified Advanced Networking - Specialty ANS-C01 Questions]

A company’s network engineer must implement a cloud-based networking environment for a network operations team to centrally manage. Other Teams will use the environment. Each team must be able to deploy infrastructure to the environment and must be able to manage its own resources. The environment must feature IPv4 and IPv6 support and must provide internet connectivity in a dual-stack configuration.

The company has an organization in AWS Organizations that contains a workload account for the teams. The network engineer creates a new networking account in the organization.

Which combination of steps should the network engineer take next to meet the requirements? (Choose three.)

  • A. Create a new VPC. Associate an IPv4 CIDR block of 10.0.0.0/16 and specify an IPv6 block of 2001:db8:c5a:6000::/56. Provision subnets by assigning /24 IPv4 CIDR blocks and /64 IPv6 CIDR blocks.
  • B. Create a new VPC. Associate an IPv4 CIDR block of 10.0.0.0/16 and use an Amazon-provided IPV6 CIDR block. Provision subnets by assigning /24 IPv4 CIDR blocks and /64 IPV6 CIDR blocks.
  • C. Enable sharing of resources within the organization by using AWS Resource Access Manager (AWS RAM). Create a resource share in the networking account, select the provisioned subnets, and share the provisioned subnets with the target workload account. Use the workload account to accept the resource share through AWS RAM.
  • D. Enable sharing of resources within the organization by using AWS Resource Access Manager (AWS RAM). Create a resource share in the networking account, select the new VPC, and share the new VPC with the target workload account. Use the workload account to accept the resource share through AWS RAM.
  • E. Create an internet gateway and an egress-only internal gateway. Deploy NAT gateways to the public subnets. Associate the internet gateway with the new VPC. Update the route tables. Associate the route tables with the relevant subnets.
  • F. Create an internet gateway. Deploy NAT instances to public subnets. Update the route tables. Associate the route tables with the relevant subnets.
Show Suggested Answer Hide Answer
Suggested Answer: BCE 🗳️
by Cacheirez at Aug. 13, 2024, 10:33 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Cacheirez
Highly Voted 5 months, 3 weeks ago
Selected Answer: BCE
BCE are better options than the rest: Option A: Specifies a manual IPv6 block rather than using Amazon-provided IPv6 blocks, which are preferred for their global uniqueness and routability. Option D: Suggests sharing an entire VPC, which is less secure and harder to manage compared to sharing specific subnets. Option F: Suggests using NAT instances, which are less scalable and more maintenance-intensive than NAT gateways.
upvoted 5 times
...
46f094c
Most Recent 2 weeks, 2 days ago
Selected Answer: BCE
A: range /48 and bigger (space-wise) is possible to import to AWS, not a smaller one like /56 in the question
upvoted 1 times
...
woorkim
1 month, 3 weeks ago
B,C,E ois correct! A. Manually specifying an IPv6 block is unnecessary D. Sharing the entire VPC would give workload accounts full control over the VPC, which is not desirable in a centrally managed networking setup. F. Using NAT instances introduces operational overhead and is not recommended unless cost is a critical concern.
upvoted 3 times
...
cas_tori
5 months, 1 week ago
Selected Answer: BCE
this is BCE
upvoted 4 times
...
aragon_saa
5 months, 3 weeks ago
Selected Answer: ACE
Answer is ACE
upvoted 2 times
AzureDP900
3 weeks, 3 days ago
yes, ACE is correct This step provides internet connectivity for the VPC, enabling communication between the VPC and the internet. The egress-only internal gateway ensures that only outgoing traffic from the VPC can access the internet, while the NAT gateways provide necessary network address translation for incoming traffic.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago