ANS-C00 : AWS Certified Advanced Networking – Specialty : Part 16
-
In the context of CloudFront RTMP Distribution, the Adobe Flash Media Server _________ file specifies which domains can access media files in a particular domain.
- accessdomain.JSON
- crossdomain.xml
- accessdomain.xml
- crossdomain.JSON
Explanation:
In the context of CloudFront RTMP Distribution, the Adobe Flash Media Server crossdomain.xml file specifies which domains can access media files in a particular domain. -
In Amazon CloudFront, you cannot configure CloudFront to process cookies for_________.
- HTTPS web distributions
- Web and RTMP distributions
- RTMP distributions
- HTTP web distributions
Explanation:
You cannot configure Amazon CloudFront to log cookies for RTMP distributions. For web distributions, CloudFront by default doesn’t consider cookies when caching your objects in edge locations. If your origin returns two objects and they differ only by the values in the Set-Cookie header, CloudFront caches only one version of the object. -
For _______ distributions, CloudFront does not cache cookies in edge caches.
- AMI
- Web
- RTMP
- Web and RTMP
Explanation:
For RTMP distributions, when Amazon CloudFront requests an object from the origin server, it removes any cookies before forwarding the request to your origin. If your origin returns any cookies along with the object, CloudFront removes them before returning the object to the viewer.For RTMP distributions, CloudFront does not cache cookies in edge caches. -
With respect to Amazon CloudFront, which one of the following statements is correct?
- For HTTPS web distributions, you cannot forward cookies to your origin.
- For both HTTP and HTTPS web distributions, you can choose to forward cookies to your origin.
- For HTTP web distributions, you cannot forward cookies to your origin.
- For Real Time Messaging Protocol (RTMP) distributions, you can configure CloudFront to process cookies.
Explanation:
With respect to Amazon CloudFront, for HTTP and HTTPS web distributions, you can choose whether you want CloudFront to forward cookies to your origin. For RTMP distributions, you cannot configure CloudFront to process cookies. -
What are three services that help mitigate a DDoS? (Choose two.)
- AWS Shield
- DynamoDB
- Elastic Beanstalk
- CloudFront
Explanation:
AWS Shield and CloudFront can help mitigate the effects of a DDoS -
Which service would you use to see the DSCP value in a packet header?
- CloudTrail
- Config
- Flow Logs
- None of the above
Explanation:
To perform deep packet inspection, you would need a specialized tool such as Wireshark. -
Which service parses large Flow Logs for consumption by other programs such as Kibana?
- S3
- ElasticSearch
- Elastic Beanstalk
- Kinesis
-
Which service would you use to see if your infrastructure has changed?
- Config
- Elastic Beanstalk
- CloudTrail
- CloudWatch
-
What service is used to store the log files generated by CloudTrail?
- EC2
- EBS
- S3
- VPC
Explanation:
The AWS CloudTrail uses Amazon’s Simple Storage Service (S3) to store log files. It also supports the use of S3 life cycle configuration rules to reduce storage costs. -
In AWS, which tool records API calls for a specific AWS account and also delivers the log files for that account?
- CloudTrail
- Redshift
- Beanstalk
- Cognito
Explanation:
The AWS CloudTrail is a web service that is used to record AWS API call for a specific AWS account. It also delivers log files, which provide the following details:- Identity of the API caller
– Time of the API call
– Source IP address of API caller
– Request parameters
– Response elements -
Which CloudWatch attributes are used for the statistics generation?
- All the options are used
- Dimension
- Data point unit
- NameSpace
Explanation:
Statistics represents data aggregation of the metric data values over a specific period of time. These aggregations are made using the namespace, metric name, dimensions and the data point unit of measure within the time period that the user has specified. -
AWS CloudTrail can be configured to ____ log files across multiple accounts and regions so that log files are delivered to a single bucket.
- aggregate
- disperse
- replicate
- encrypt
Explanation:
You can configure CloudTrail to aggregate log files from multiple regions and deliver them to a single S3 bucket for a single account. -
In AWS, which service provides a reliable and inexpensive way to backup and archive CloudTrail log files?
- Amazon Archiver
- Amazon Glacier
- AWS Storage Gateway
- Amazon Elastic Block Store
Explanation:
You control the retention policies for your CloudTrail log files. By default, log files are stored indefinitely, but for cost efficiency, you may want to delete old log files or archive them to Amazon Glacier, a storage service optimized for data archiving and backup of infrequently used data.
-
For web distributions in Amazon CloudFront, your origin can be either an Amazon S3 bucket or _______ .
- a DNS server
- a proxy server
- an FTP server
- an HTTP server
Explanation:
For web distributions in Amazon CloudFront, your origin can be either an Amazon S3 bucket or an HTTP server. -
In the context of Amazon CloudFront, when you configure the media player, the path you specify to the media file must contain the characters _____________.
- flv/std just before the domain name
- flv/std immediately after the domain name
- cfx/st just before the domain name
- cfx/st immediately after the domain name
Explanation:
In Amazon CloudFront, when you configure the media player, the path you specify to the media file must contain the characters cfx/st immediately after the domain name. For example:rtmp://s5c39gqb8ow64r.cloudfront.net/cfx/st/mediafile.flv -
Which of the following is true when you don’t configure Amazon CloudFront to forward cookies to your origin?
- CloudFront removes the Cookie header from requests that it forwards to your origin.
- CloudFront disables viewer requests to your origin, including all cookies.
- CloudFront caches your objects based on cookie values.
- CloudFront automates code deployments to any instance.
Explanation:
If you don’t configure CloudFront to forward cookies to your origin, CloudFront removes the Cookie header from requests that it forwards to your origin and removes the Set-Cookie header from responses that it returns to your clients. -
What is the maximum size of a response body that Amazon CloudFront will return to the viewer?
- Unlimited
- 5 GB
- 100 MB
- 20 GB
Explanation:
The maximum size of a response body that CloudFront will return to the viewer is 20 G -
How many tunnels do you get with each VPN connection hosted by AWS?
- 4
- 1
- 2
- 8
Explanation:
All AWS VPNs come with 2 tunnels for resiliency. -
You are configuring a VPN to AWS for your company. You have configured the VGW and CGW. You have created the VPN. You have also run the necessary commands on your router. You allowed all TCP and UDP traffic between your datacenter and your VPC. The tunnel still doesn’t come up. What is the most likely reason?
- You forgot to turn on route propagation in the route table.
- You do not have a public ASN.
- Your advertised subnet is too large.
- You haven’t added protocol 50 to your firewall.
Explanation:
You haven’t allowed protocol 50 through the firewall. Protocol 50 is different from UDP (17) and TCP (6) and requires a rule in your firewall for your VPN tunnel to come up. -
Your company has decided to deploy AWS WorkSpaces for its hosted desktop solution. Your manager is very concerned with security and cost, as well as reliability.
What two things should be deployed? (Choose two.)
- VPN
- AWS Hosted AD
- Direct Connect
- AD Connector
Explanation:
A VPN should be deployed over Direct Connect to ensure the traffic is encrypted. You would use an AD Connector here since it doesn’t cache any credentials in the cloud. AWS Hosted AD is more expensive and caches credentials.
Subscribe
0 Comments
Newest