Amazon Exam ANS-C01 Topic 5 Question 40 Discussion

Actual exam question for Amazon's ANS-C01 exam

Question #: 40
Topic #: 5

A real estate company is building an internal application so that real estate agents can upload photos and videos of various properties. The application will store these photos and videos in an Amazon S3 bucket as objects and will use Amazon DynamoDB to store corresponding metadat

a. The S3 bucket will be configured to publish all PUT events for new object uploads to an Amazon Simple Queue Service (Amazon SQS) queue.

A compute cluster of Amazon EC2 instances will poll the SQS queue to find out about newly uploaded objects. The cluster will retrieve new objects, perform proprietary image and video recognition and classification update metadata in DynamoDB and replace the objects with new watermarked objects. The company does not want public IP addresses on the EC2 instances.

Which networking design solution will meet these requirements MOST cost-effectively as application usage increases?

APlace the EC2 instances in a public subnet. Disable the Auto-assign Public IP option while launching the EC2 instances. Create an internet gateway. Attach the internet gateway to the VPC. In the public subnet's route table, add a default route that points to the internet gateway.

BPlace the EC2 instances in a private subnet. Create a NAT gateway in a public subnet in the same Availability Zone. Create an internet gateway. Attach the internet gateway to the VPC. In the public subnet's route table, add a default route that points to the internet gateway

CPlace the EC2 instances in a private subnet. Create an interface VPC endpoint for Amazon SQS. Create gateway VPC endpoints for Amazon S3 and DynamoDB.

DPlace the EC2 instances in a private subnet. Create a gateway VPC endpoint for Amazon SQS. Create interface VPC endpoints for Amazon S3 and DynamoDB.

Show Suggested Answer

Suggested Answer: C, E

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_EC2.html

by Marylyn at Sep 18, 2024, 08:05 PM

Limited Time Offer

25%

Off

Get Premium ANS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Viva

22 days ago

Wait, so we're building a real estate app and the company doesn't want public IP addresses? Sounds like they're trying to keep their agents' secret hideouts a secret. Option C is the way to go, for sure!

upvoted 0 times

Deja

3 days ago

I agree, Option C seems like the best choice to keep everything secure.

upvoted 0 times

...

1 months ago

Haha, I remember my first time taking a cloud certification exam. All these networking options can be a bit overwhelming, but I think Option B is the way to go. It's a classic setup that should work well for this use case.

upvoted 0 times

Aide

7 days ago

I agree, Option B seems like the most secure choice for this scenario.

upvoted 0 times

...

Leota

2 months ago

I'm not sure about option C. I think option B could also work well by using a NAT gateway for internet access. But I see the benefits of using VPC endpoints in option C.

upvoted 0 times

...

Johnna

2 months ago

I agree with Cassi. Option C seems like the most secure and cost-effective solution for our application as it scales.

upvoted 0 times

...

2 months ago

I think option A is the best choice.

upvoted 0 times

...