ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Advanced Networking - Specialty ANS-C01 All Questions

View all questions & answers for the AWS Certified Advanced Networking - Specialty ANS-C01 exam
Go to Exam

Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 228 discussion

Exam question from Amazon's AWS Certified Advanced Networking - Specialty ANS-C01
Question #: 228
Topic #: 1
[All AWS Certified Advanced Networking - Specialty ANS-C01 Questions]

A company has a web application that runs in eight AWS Regions. In each Region, the application is hosted on multiple compute resources behind an Application Load Balancer (ALB).

The different Regions are using different domains. Each ALB is configured to accept only HTTPS traffic. Each ALB uses a certificate from AWS Certificate Manager (ACM).

The company wants to simplify the application’s appearance on the web by using a new single domain for all Regions. A network engineer needs to implement this change by designing a solution that also will minimize latency for the application's end users.

Which combination of actions will meet these requirements? (Choose three.)

  • A. Use ACM to create an SSL/TLS certificate in the us-east-1 Region for the new domain.
  • B. Set up latency-based routing in Amazon Route 53 for the new domain. Add the ALBs from all the Regions as targets.
  • C. Create an alias record for the accelerator in Amazon Route 53 for the new domain.
  • D. Create a standard accelerator in AWS Global Accelerator. Configure a listener for TCP traffic. Add all the ALBs as targets for the listener.
  • E. Use ACM to create an SSLITLS certificate for each Region. Configure all the ALBs to use the certificate in their respective Regions.
  • F. Create a custom routing accelerator in AWS Global Accelerator. Configure a listener for HTTPS traffic. Add all the ALBs as targets for the listener. Configure the accelerator to terminate TLS by using the SSLITLS certificate from ACM.
Show Suggested Answer Hide Answer
Suggested Answer: ABF 🗳️
by c1193d4 at Jan. 6, 2025, 9:45 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
secdaddy
1 week ago
Selected Answer: ACF
Accelerator better than Route 53 as anycast and not dependent on DNS and delay measurement. (A) GA uses single certificate that must be in us-east-1. Need the alias (C) for GA to work. (F) Custom accelerator terminates TLS using the new certificate from (A).
upvoted 1 times
...
djangoGroup
4 weeks ago
Selected Answer: CDE
(C) Create an alias record for the accelerator in Route 53 for the new domain • This step stays the same. You want your users to resolve a single domain that leads to Global Accelerator. • (D) Create a standard accelerator in AWS Global Accelerator, configure a listener for TCP (or TLS pass-through), and add all the ALBs as endpoints • Also unchanged. A standard accelerator is how you route traffic at the edge into the correct Region. • (E) Use ACM to create an SSL/TLS certificate for each Region. Configure all the ALBs to use the certificate in their respective Regions • This step is correct if the Region supports ACM for requesting or importing a cert. • If not, you do manual certificate handling (import or direct upload).
upvoted 1 times
...
c1193d4
1 month ago
Selected Answer: CDE
F: NO HTTPS listener available with GA A: NO global certificate is necessary is this case (see CloudFront) B: Could be a solution but GA improves latency more than Route53
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago