Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon ANS-C01 Exam - Topic 5 Question 40 Discussion

A real estate company is building an internal application so that real estate agents can upload photos and videos of various properties. The application will store these photos and videos in an Amazon S3 bucket as objects and will use Amazon DynamoDB to store corresponding metadata. The S3 bucket will be configured to publish all PUT events for new object uploads to an Amazon Simple Queue Service (Amazon SQS) queue.A compute cluster of Amazon EC2 instances will poll the SQS queue to find out about newly uploaded objects. The cluster will retrieve new objects, perform proprietary image and video recognition and classification update metadata in DynamoDB and replace the objects with new watermarked objects. The company does not want public IP addresses on the EC2 instances.Which networking design solution will meet these requirements MOST cost-effectively as application usage increases?
C) Place the EC2 instances in a private subnet. Create an interface VPC endpoint for Amazon SQS. Create gateway VPC endpoints for Amazon S3 and DynamoDB.
A) Place the EC2 instances in a public subnet. Disable the Auto-assign Public IP option while launching the EC2 instances. Create an internet gateway. Attach the internet gateway to the VPC. In the public subnet's route table, add a default route that points to the internet gateway.
B) Place the EC2 instances in a private subnet. Create a NAT gateway in a public subnet in the same Availability Zone. Create an internet gateway. Attach the internet gateway to the VPC. In the public subnet's route table, add a default route that points to the internet gateway
D) Place the EC2 instances in a private subnet. Create a gateway VPC endpoint for Amazon SQS. Create interface VPC endpoints for Amazon S3 and DynamoDB.

Amazon ANS-C01 Exam - Topic 5 Question 40 Discussion

Actual exam question for Amazon's ANS-C01 exam
Question #: 40
Topic #: 5
[All ANS-C01 Questions]

A real estate company is building an internal application so that real estate agents can upload photos and videos of various properties. The application will store these photos and videos in an Amazon S3 bucket as objects and will use Amazon DynamoDB to store corresponding metadat

a. The S3 bucket will be configured to publish all PUT events for new object uploads to an Amazon Simple Queue Service (Amazon SQS) queue.

A compute cluster of Amazon EC2 instances will poll the SQS queue to find out about newly uploaded objects. The cluster will retrieve new objects, perform proprietary image and video recognition and classification update metadata in DynamoDB and replace the objects with new watermarked objects. The company does not want public IP addresses on the EC2 instances.

Which networking design solution will meet these requirements MOST cost-effectively as application usage increases?

Show Suggested Answer Hide Answer
Suggested Answer: C, E

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_EC2.html


by Marylyn at Sep 18, 2024, 08:05 PM

Limited Time Offer

25%

Off

Get Premium ANS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Maia
6 months ago
Not sure if option D is cost-effective. What do you think?
upvoted 0 times
...
German
6 months ago
I’m surprised they want no public IPs on the EC2 instances.
upvoted 0 times
...
Arleen
7 months ago
Wait, why would you need a NAT gateway? Seems unnecessary.
upvoted 0 times
...
Stevie
7 months ago
I think option C is the best choice here.
upvoted 0 times
...
Rossana
7 months ago
Sounds like a solid plan with S3 and DynamoDB!
upvoted 0 times
...
Ricarda
7 months ago
I recall that using private subnets is generally more cost-effective, but I’m not entirely sure if option D is the best choice since it has both types of endpoints.
upvoted 0 times
...
Dulce
7 months ago
I’m a bit confused about the difference between gateway and interface VPC endpoints. I feel like I might have mixed them up in my notes.
upvoted 0 times
...
Misty
8 months ago
I think option C sounds familiar because it mentions VPC endpoints, which we practiced in a similar question. It seems like a good fit for avoiding public IPs.
upvoted 0 times
...
Eden
8 months ago
I remember we discussed the importance of keeping EC2 instances in a private subnet for security reasons, but I'm not sure if we need a NAT gateway for this scenario.
upvoted 0 times
...
Amalia
8 months ago
Okay, I think I've got a handle on this. Option C seems to be the most cost-effective solution that meets all the requirements. I'll make sure to explain my reasoning clearly.
upvoted 0 times
...
Willie
8 months ago
I'm a bit confused by the differences between the options. I'll need to read through them again and make sure I understand the implications of each approach.
upvoted 0 times
...
Fannie
8 months ago
Option C looks promising - using VPC endpoints to access the other AWS services without needing public internet access. I'll make sure I understand how VPC endpoints work.
upvoted 0 times
...
Gilma
8 months ago
Hmm, the key seems to be how to provide internet access for the EC2 instances without using public IP addresses. I'll need to think through the pros and cons of each approach.
upvoted 0 times
...
Benton
8 months ago
This looks like a networking design question, so I'll need to carefully consider the requirements and the different options presented.
upvoted 0 times
...
Dorthy
8 months ago
I've got a good strategy for this. I'd use the context explorer to find the file and download it to my local machine for investigation. That way I can really dig into it and determine if it's malicious or not.
upvoted 0 times
...
Viva
1 year ago
Wait, so we're building a real estate app and the company doesn't want public IP addresses? Sounds like they're trying to keep their agents' secret hideouts a secret. Option C is the way to go, for sure!
upvoted 0 times
Cathrine
12 months ago
Definitely, that way the company can ensure the privacy and security of the application.
upvoted 0 times
...
Rose
1 year ago
Yeah, placing the EC2 instances in a private subnet with VPC endpoints for SQS, S3, and DynamoDB is the way to go.
upvoted 0 times
...
Deja
1 year ago
I agree, Option C seems like the best choice to keep everything secure.
upvoted 0 times
...
...
Juan
1 year ago
Option A is an interesting choice, but I'm not sure I'd want to expose my EC2 instances to the public internet, even if I disable the public IP option. Gotta keep those servers safe and secure, you know?
upvoted 0 times
Hershel
1 year ago
User 3: Option C also seems like a secure solution with VPC endpoints for SQS, S3, and DynamoDB. It's important to keep the data protected.
upvoted 0 times
...
Fabiola
1 year ago
User 2: I agree, having a NAT gateway in a public subnet for outbound internet access seems like a good idea.
upvoted 0 times
...
Altha
1 year ago
User 1: Option B sounds like a better choice. Keeping the EC2 instances in a private subnet adds an extra layer of security.
upvoted 0 times
...
...
Lavera
1 year ago
Haha, I remember my first time taking a cloud certification exam. All these networking options can be a bit overwhelming, but I think Option B is the way to go. It's a classic setup that should work well for this use case.
upvoted 0 times
Alison
12 months ago
Definitely, using a NAT gateway in a public subnet for internet access is a common practice in AWS setups.
upvoted 0 times
...
Twanna
12 months ago
I think having the internet gateway attached to the VPC will help with external communication.
upvoted 0 times
...
Kami
1 year ago
Yeah, placing the EC2 instances in a private subnet with a NAT gateway is a good way to ensure security.
upvoted 0 times
...
Aide
1 year ago
I agree, Option B seems like the most secure choice for this scenario.
upvoted 0 times
...
...
Leota
1 year ago
I'm not sure about option C. I think option B could also work well by using a NAT gateway for internet access. But I see the benefits of using VPC endpoints in option C.
upvoted 0 times
...
Johnna
1 year ago
I agree with Cassi. Option C seems like the most secure and cost-effective solution for our application as it scales.
upvoted 0 times
...
Fanny
1 year ago
I'm leaning towards Option D. The use of a gateway VPC endpoint for SQS and interface VPC endpoints for S3 and DynamoDB seems like a more secure and efficient setup.
upvoted 0 times
Alaine
1 year ago
User 2
upvoted 0 times
...
Elly
1 year ago
User 1
upvoted 0 times
...
...
Cassi
1 year ago
I think option C is the best choice. It allows us to keep the EC2 instances in a private subnet while still being able to access the necessary services through VPC endpoints.
upvoted 0 times
...
Marquetta
1 year ago
Option C seems like the most cost-effective solution. Using VPC endpoints eliminates the need for a NAT gateway or internet gateway, which can be expensive as usage increases.
upvoted 0 times
Frank
1 year ago
Definitely, cost-effectiveness is key when building internal applications.
upvoted 0 times
...
Meghann
1 year ago
It's important to consider scalability when choosing a networking design.
upvoted 0 times
...
Donette
1 year ago
Yeah, using VPC endpoints can save on costs in the long run.
upvoted 0 times
...
Rhea
1 year ago
I agree, option C seems like the most cost-effective solution.
upvoted 0 times
...
...
Yaeko
1 year ago
But with option D, we only need one gateway VPC endpoint for SQS, S3, and DynamoDB.
upvoted 0 times
...
Ammie
1 year ago
I disagree, I believe option D is more cost-effective.
upvoted 0 times
...
Yaeko
1 year ago
I think option A is the best choice.
upvoted 0 times
...

Save Cancel