AWS Certified Advanced Networking – Specialty General Tips

  • Depending on your occupation, this could be the most difficult or the easiest.
  • This exam as the time of being, was updated Jan 2019, which means a lot of new features did not exist then!
    • For example NLB added support for UDP in Jun 2019, which means if you see “UDP” in question and you should immediately rule out ELB options!
  • About 30% of the questions are related to Direct Connect, so understanding DX is very important.
    • Within that, there are a few questions directly aim at testing your knowledge about BGP
  • About 15% are related to how VPCs are connected together.
  • About 20% are about VPC in general, like security groups, NACL, routing tables, etc.
  • About 10% are related to DNS and Route 53
  • You need to know about S3 endpoints, its setup, policies, which come up in the exam more than what I would expect
  • Vocabulary check
    • BGP
    • Route Propagation
    • iBGP
    • trunking
    • 802.1
    • QinQ
    • VGW
    • IPSec VPN
    • VLAN
    • AS prepending
    • ELB
    • Single-mode Fiber
    • NAT Gateway / Instance
    • Private Hosted Zone
    • AS Number
    • Local preference / LOCAL_PREF
    • VIF
    • MPLS
    • Routing table
    • DX Gateway
    • DNS Proxy
    • Customer Gateway
    • Security group
    • VLAN Tags
    • DX Location
    • WorkSpaces networking requirement
    • ACL / NACL
    • Stateful
    • Lambda@Edge
    • CloudHub
    • IP Prefixes
    • AD Connector
    • IGW
    • Enhanced Networking
    • Placement Group
    • CloudHSM
    • Dynamic / Static Routing
    • Wireshark
    • BFD
    • DX cross-account sharing and data transfer billing
    • Public Hosted Zone
    • L2 Switch
    • A / CNAME / ALIAS
    • CIDR and binary calculations
    • Hosted VIF
    • Source/Destination Checking
    • AS Path
    • BIND
    • MTU / Jumbo Frame
    • BGP Community
    • Flow Logs
    • S3 Endpoint
    • Match Origin
    • DNS Forwarder
    • VPCE
    • VPC Peering
    • Transit VPC
    • DX
  • Some general tips that may become handy
    • IP 50 + UDP 500
    • Use QinQ, then strip the outer tag
    • DX use a different router even if you provision twice at the same location
    • DX public VIF connects to any region, private VIF needs DX gateway
    • DX public VIF is used for IPSec VPN
    • Security group is regional

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s