exam questions

Exam AWS Certified Advanced Networking - Specialty ANS-C01 All Questions

View all questions & answers for the AWS Certified Advanced Networking - Specialty ANS-C01 exam

Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 241 discussion

A company’s data center is connected to a single AWS Region by an AWS Direct Connect dedicated connection. The company has a single VPC in the Region. The company stores logs for all its applications locally in the data center.

The company must keep all application logs for 7 years. The company decides to copy all application logs to an Amazon S3 bucket.

Which solution will meet these requirements?

  • A. Create a public VIF on the Direct Connect connection. Create an Amazon S3 gateway endpoint in the VPC.
  • B. Create a private VIF on the Direct Connect connection. Create an Amazon S3 gateway endpoint in the VPC.
  • C. Create a private VIF on the Direct Connect connection. Create an Amazon S3 interface endpoint in the VPC.
  • D. Create a public VIF on the Direct Connect connection. Create an Amazon S3 interface endpoint in the VPC.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
zanhsieh
3 days, 2 hours ago
Selected Answer: B
I pick B. All options can access S3. GW endpoint is free but interface endpoint isn't. Security wise we will pick private VIF not public VIF, and pick GW endpoint not interface endpoint.
upvoted 1 times
...
secdaddy
1 month, 2 weeks ago
Selected Answer: A
How about (A) that has an S3 gateway (preferred as free) endpoint providing S3 for inside the VPC and the public VIF providing S3 service for the DC across DX.
upvoted 2 times
...
woorkim
2 months ago
Selected Answer: C
https://docs.aws.amazon.com/AmazonS3/latest/userguide/privatelink-interface-endpoints.html you allow in-VPC applications to continue accessing Amazon S3 through the gateway endpoint, which is not billed. Then, only your on-premises applications would use interface endpoints to access Amazon S3.
upvoted 3 times
secdaddy
1 month, 2 weeks ago
Private VIF doesn't provide S3 to onprem ?
upvoted 1 times
...
...
kowal_001
2 months, 1 week ago
Selected Answer: C
Interface Endpoint for Amazon S3: Unlike gateway endpoints, interface endpoints (using AWS PrivateLink) are accessible from both inside the VPC and from external sources such as an AWS Direct Connect connection or VPN. This makes the interface endpoint the right choice when the application logs stored locally in the data center need to be uploaded to S3 over the Direct Connect connection.
upvoted 1 times
...
c1193d4
2 months, 1 week ago
Selected Answer: C
C: because gateway endpoints are not accessible from sources outside the VPC (like DX)
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago