AWS Certified Advanced Networking – Speciality (ANS-C00) Exam Learning Path
I recently cleared the AWS Certified Advanced Networking – Speciality (ANS-C00), which was my first, en route my path to the AWS Speciality certifications. Frankly, I feel the time I gave for preparation was still not enough, but I just about managed to get through. So a word of caution, this exam is inline or tougher than the professional exam especially for the reason that the Networking concepts it covers are not something you can get your hands dirty with easily.
AWS Certified Advanced Networking – Speciality (ANS-C00) exam is the focusing on the AWS Networking concepts. It basically validates
- Design, develop, and deploy cloud-based solutions using AWS
Implement core AWS services according to basic architecture best practices - Design and maintain network architecture for all AWS services
- Leverage tools to automate AWS networking tasks
Refer to AWS Certified Advanced Networking – Speciality Exam Guide
AWS Certified Advanced Networking – Speciality (ANS-C00) Exam Resources
- Online Courses
- Stephane Maarek – Ultimate AWS Certified Advanced Networking Specialty 2021
- Zeal Vora – AWS Certified Advanced Networking Specialty course
- Linux Academy – AWS Certified Advanced Networking Specialty course
- Practice Tests
AWS Certified Advanced Networking – Speciality (ANS-C00) Exam Summary
- AWS Certified Advanced Networking – Speciality exam covers a lot of Networking concepts like VPC, VPN, Direct Connect, Route 53, ALB, NLB.
- One of the key tactic I followed when solving the DevOps Engineer questions was to read the question and use paper and pencil to draw a rough architecture and focus on the areas that you need to improve. Trust me, you will be able eliminate 2 answers for sure and then need to focus on only the other two. Read the other 2 answers to check the difference area and that would help you reach to the right answer or atleast have a 50% chance of getting it right.
- Be sure to cover the following topics
- Networking & Content Delivery
- You should know everything in Networking.
- Understand VPC in depth
- Understand VPC, Subnets
- Know that AWS allows you to extend your VPC by adding a secondary VPC (hint: focus on the IP limitations that you can assign to a created VPC)
- Understand Security Groups, NACLs (Hint : know NACLs are stateless and how it is reflected in VPC Flow Logs)
- Understand DHCP Option Sets esp. how to resolve DNS from both on-premises data center and AWS.
- Understand VPC Peering, configuration and its limitations (Hint: try it yourself esp. cross account ones to know whats needed)
- Understand Placement Groups, Enhanced Networking
- Understand VPC Endpoints esp. services supported by Gateway and Interface Endpoints. Interface Endpoints are also called Private Links.
- Know Transit VPC and its use case
- Know CloudHub and its use case
- Virtual Private Network to establish connectivity between on-premises data center and AWS VPC
- Direct Connect to establish connectivity between on-premises data center and AWS VPC and Public Services
- Make sure you understand Direct Connect in detail, without this you cannot clear the exam
- Understand Direct Connect connections – Dedicated and Hosted connections
- Understand how to create a Direct Connect connection (hint: LOA-CFA provides the details for partner to connect to AWS Direct Connect location)
- Understand virtual interfaces options – Private Virtual Interface for VPC resources and Public Virtual Interface for Public resources
- Understand setup Private and Public VIF
- Understand Route Propagation, propagation priority, BGP connectivity
- Understand High Availability options based on cost and time i.e. Second Direct Connect connection OR VPN connection
- Understand Direct Connect Gateway – it provides a way to connect to multiple VPCs from on-premises data center using the same Direct Connect connection
- Route 53
- Understand Route 53 and Routing Policies and their use cases Focus on Weighted, Latency routing policies
- Understand Route 53 Split View DNS to have the same DNS to access a site externally and internally
- Understand CloudFront and use cases
- Load Balancer
- Understand ELB, ALB and NLB
- Understand the difference ELB, ALB and NLB esp. ALB provides Content, Host and Path based Routing while NLB provides the ability to have static IP address
- Know how to design VPC CIDR block with NLB (Hint – minimum number of IPs required are 8)
- Know how to pass original Client IP to the backend instances (Hint – X-Forwarded-for and Proxy Protocol)
- Know WorkSpaces requirements and setup
- Security
- Know AWS GuardDuty as managed threat detection service
- Know AWS Shield esp. the Shield Advanced option and the features it provides
- Know WAF as Web Traffic Firewall – (Hint – WAF can be attached to your CloudFront, Application Load Balancer, API Gateway to dynamically detect and prevent attacks)
- Monitoring & Management Tools
- Understand AWS CloudFormation esp. in terms of Network creation. (Hint – Know Custom resources can be used to handle activities not supported by AWS)
- Understand CloudTrail for audit and governance
- Understand AWS Config and its use case
- Integration Tools
- Whitepapers and articles
- AWS Network Connectivity Options
- AWS Certification – Networking Services – Cheat Sheet
- AWS Certification – Security & Identity Services – Cheat Sheet
- AWS VPC Connectivity Options
- AWS Single Region Multi VPC Connectivity
- AWS Multiple VPC VPN Connection Sharing
- DNS Resolution between On-premises and AWS
- Networking & Content Delivery
What score did you get? Just wondering how high is the passing score right now (the trend)? Thanks!
i think its 790, but i have heard of other clearing the exam on 730-740 as well.
Hi Jayendra!
Awesome stuff as always! Just curious, how long did you spend preparing for the exam? Thanks!
Around 2 months and maybe an hour or so. But you need to surely prepare for this one.
How would your rate the difficulty or real exam in comparison to the practice tests on “Braincert” that you recommend to take? Thanks!
difficulty wise its similar, how as I mentioned both the course and practice exams wont give you 100% coverage of the actual exam, so you should be better prepared.
Thanks for the information here! Just curious though since I am currently taking an online class for this exam. Is ELB (Classic Load Balancer) still a big topic? what about Application Load Balancer? My class only covers ELB, and practically nothing on ALB…
With Networking, not much stress on ELB you just need to know the concepts. ELB/ALB/NLB are required for Associate and SA-Professional exam.
Is it true that Hybrid DNS has is being deprecated for Route 53 Resolver endpoint scenarios on the exam?
Hey, What about Zeal Vora course. Is it better than Linux Academy ?
Hi Ravi, haven’t checked on Networking course from Zeal.
is SA-Assoc exam pre-req for this networking speciality or one can jumpstart on this directly?
there are no pre-requistes for the Speciality and Professional exams now, so you can directly appear for the same.
hi jayendra, linux academy does not have a per course subscription. What other options do you recommend?
Hi Surendrann thats right Linux Academy is subscription basis and doesn’t provide each course purchase. You can also check on Zeal vora course @ https://www.udemy.com/course/aws-certified-advanced-networking-specialty/?couponCode=AWSJROCKS-NOV
Thank you Jayendra for this summary, I just complete my course from LA and preparing for the exam in 16Jan2020. let see
All the best Mulham …
Hi Mulham, How was your exam? I have just started LA course ( by Tia Williams) what addetional materials you used?
Many Thanks
Rahul
Hi
My DB is in private network. No NAT is attached and there is no connectivity to internet. Now I want to access the DB from public network and public ip address added to the DB security group . In this case shall I access the database? pls confirm
for db in private subnet, the only way you can access it is using Jump server and tunneling.
You can access resources in private subnets via VPN and/DX connections, if there is absolutely no public network connectivity. BT.
Hi ,
Do we need to well verse with the topics of AWS professional exam in order to pursue for aws advanced network specialty .
Since i am from networking background so thinking to go direct with aws advanced network specialty exam .
please suggest.
Networking is more focused on VPC, Direct Connect, VPN and deep dive in these topics are enough.
Hello Sir any online Course Would you suggest for clear the AWS Certified Advanced Networking – Specialty (ANS-C00) Exam .
I have Rick Crsisi course on Udemy any other suggestion.
I had done LA course, Zeal on Udemy has good feedback as well. I have not checked Rick one.
@Jayendra
Very helpful content, which one should consider going over, before going for the exam. This indeed helps us to identify areas where additional revision is required.
One of the things, I should highlight, is that some questions in “Braincert” are not clear and answers are very inconsistent.
Thanks for the feedback Suran, and glad it’s helping. For Braincert, I have seen they get it right most of the time, but I have backed it up with my self-study and AWS documentation.
is braincert good for exam? i heard lot about tutorial dojo and examtopics but not aware of this braincert. how about whizlabs? i used for my architect associate level.
I have used Braincert and it worked out quite well for all the exams. Not sure for the others.