AWS certification > AWS Certified Advanced Networking Specialty
AWS Certified Advanced Networking
AWS Certified Advanced Networking
Specialty
| Category | Specialty |
|---|---|
| Exam duration | 170 minutes |
| Exam format | 65 questions, either multiple choice or multiple response |
| Cost | 300 USD. Visit Exam pricing for additional cost information, including foreign exchange rates. |
| Delivery method | Pearson VUE testing center or online proctored exam. |
The AWS Certified Advanced Networking - Specialty credential helps organizations identify and develop talent with critical skills for implementing cloud initiatives. Earning AWS Certified Advanced Networking - Specialty validates expertise in designing and maintaining network architecture for the breadth of AWS services.
Course Details
1. Design a solution that incorporates edge network services
- Design patterns for the usage of content distribution networks (for example, Amazon CloudFront)
- Design patterns for global traffic management (for example, AWS Global Accelerator)
- Integration patterns for content distribution networks and global traffic management with other services (for example, Elastic Load Balancing [ELB], Amazon API Gateway)
2. Design DNS solutions that meet public, private, and hybrid requirements
- DNS protocol (for example, DNS records, TTL, DNSSEC, DNS delegation, zones)
- DNS logging and monitoring
- Amazon Route 53 features (for example, alias records, traffic policies, resolvers, health checks)
- Integration of Route 53 with other AWS networking services (for example, Amazon VPC)
- Integration of Route 53 with hybrid, multi-account, and multi-Region options
- Domain registration
3. Design solutions that integrate load balancing
- How load balancing works at layer 3, layer 4, and layer 7 of the OSI model
- Different types of load balancers and how they meet requirements for network design, high availability, and security
- Connectivity patterns that apply to load balancing based on the use case (for example, internal load balancers, external load balancers)
- Scaling factors for load balancers
- Integrations of load balancers and other AWS services (for example, Global Accelerator, CloudFront, AWS WAF, Route 53, Amazon Elastic Kubernetes Service [Amazon EKS], AWS Certificate Manager [ACM])
- Configuration options for load balancers (for example, proxy protocol, cross-zone load balancing, session affinity [sticky sessions], routing algorithms)
- Configuration options for load balancer target groups (for example, TCP, GENEVE, IP compared with instance)
- AWS Load Balancer Controller for Kubernetes clusters
- Considerations for encryption and authentication with load balancers (for example, TLS termination, TLS passthrough)
4. Define logging and monitoring requirements across AWS and hybrid networks
- Amazon CloudWatch metrics, agents, logs, alarms, dashboards, and insights in AWS architectures to provide visibility
- AWS Transit Gateway Network Manager in architectures to provide visibility
- VPC Reachability Analyzer in architectures to provide visibility
- Flow logs and traffic mirroring in architectures to provide visibility
- Access logging (for example, load balancers, CloudFront)
5. Design a routing strategy and connectivity architecture
- Routing fundamentals (for example, dynamic compared with static, BGP)
- Layer 1 and layer 2 concepts for physical interconnects (for example, VLAN, link aggregation group [LAG], optics, jumbo frames)
- Encapsulation and encryption technologies (for example, Generic Routing Encapsulation [GRE], IPsec)
- Resource sharing across AWS accounts
- Overlay networks
6. Multiple AWS Accounts, AWS Regions, and VPCs
- Different connectivity patterns and use cases (for example, VPC peering, Transit Gateway, AWS PrivateLink)
- Capabilities and advantages of VPC sharing
- IP subnets and solutions accounting for IP address overlaps
7. On-Premises Networks and the AWS Cloud
- Routing protocols (for example, static, dynamic)
- VPNs (for example, security, accelerated VPN)
- Layer 1 and types of hardware to use (for example, Letter of Authorization [LOA] documents, colocation facilities, Direct Connect)
- Layer 2 and layer 3 (for example, VLANs, IP addressing, gateways, routing, switching)
- Traffic management and SD-WAN (for example, Transit Gateway Connect)
- DNS (for example, conditional forwarding, hosted zones, resolvers)
- Security appliances (for example, firewalls)
- Load balancing (for example, layer 4 compared with layer 7, reverse proxies, layer 3)
- Infrastructure automation
- AWS Organizations and AWS Resource Access Manager (AWS RAM) (for example, multi-account Transit Gateway, Direct Connect, Amazon VPC, Route 53)
- Test connectivity (for example, Route Analyzer, Reachability Analyzer)
- Networking services of VPCs
8. Implement and manage security and compliance policies
- Implement IAM features (for example, password policies, multi-factor authentication [MFA], roles, SAML, federated identity, resource policies, policy conditions).
- Troubleshoot and audit access issues by using AWS services (for example, CloudTrail, IAM Access Analyzer, IAM policy simulator).
- Validate service control policies (SCPs) and permissions boundaries.
- Review AWS Trusted Advisor security checks.
- Validate AWS Region and service selections based on compliance requirements.
- Implement secure multi-account strategies (for example, AWS Control Tower, AWS Organizations).
- Inter-VPC and multi-account connectivity (for example, VPC peering, Transit Gateway, VPN, third-party vendors, SD-WAN, multi-protocol label switching [MPLS])
- Private application connectivity (for example, PrivateLink)
- Methods of expanding AWS networking connectivity (for example, Organizations, AWS RAM)
- Host and service name resolution for applications and clients (for example, DNS)
- Infrastructure automation
- Authentication and authorization (for example, SAML, Active Directory)
- Security (for example, security groups, network ACLs, AWS Network Firewall)
- Test connectivity (for example, Route Analyzer, Reachability Analyzer, tooling)
9. Implement complex hybrid and multi-account DNS architectures
- When to use private hosted zones and public hosted zones
- Methods to alter traffic management (for example, based on latency, geography, weighting)
- DNS delegation and forwarding (for example, conditional forwarding)
- Different DNS record types (for example, A, AAAA, TXT, pointer records, alias records)
- DNSSEC
- How to share DNS services between accounts (for example, AWS RAM)
- Requirements and implementation options for outbound and inbound endpoints
10. Automate and configure network infrastructure
- Infrastructure as code (IaC) (for example, AWS Cloud Development Kit [AWS CDK], AWS CloudFormation, AWS CLI, AWS SDK, APIs)
- Event-driven network automation
- Common problems of using hardcoded instructions in IaC templates when provisioning cloud networking resources
11. Maintain routing and connectivity on AWS and hybrid networks
- Industry-standard routing protocols that are used in AWS hybrid networks (for example, BGP over Direct Connect)
- Connectivity methods for AWS and hybrid networks (for example, Direct Connect gateway, Transit Gateway, VIFs)
- How limits and quotas affect AWS networking services (for example, bandwidth limits, route limits)
- Available private and public access methods for custom services (for example, PrivateLink, VPC peering)
- Available inter-Regional and intra-regional communication patterns
12. Monitor and analyse network traffic to troubleshoot
- Network performance metrics and reachability constraints (for example, routing, packet size)
- Appropriate logs and metrics to assess network performance and reachability issues (for example, packet loss)
- Tools to collect and analyze logs and metrics (for example, CloudWatch, VPC Flow Logs, VPC Traffic Mirroring)
- Tools to analyze routing patterns and issues (for example, Reachability Analyzer, Transit Gateway Network Manager)
13. Optimize AWS networks for performance, reliability, and cost-effectiveness
- Situations in which a VPC peer or a transit gateway are appropriate
- Different methods to reduce bandwidth utilization (for example, unicast compared with multicast, CloudFront)
- Cost-effective connectivity options for data transfer between a VPC and on-premises environments
- Different types of network interfaces on AWS
- High-availability features in Route 53 (for example, DNS load balancing using health checks with latency and weighted record sets)
- Availability of options from Route 53 that provide reliability
- Load balancing and traffic distribution patterns
- VPC subnet optimization
- Frame size optimization for bandwidth across different connection Types
14. Implement and maintain network features to meet security
- Different threat models based on application architecture
- Common security threats
- Mechanisms to secure different application flows
- AWS network architecture that meets security and compliance requirements
- Network monitoring and logging services that are available in AWS (for example, CloudWatch, AWS CloudTrail, VPC Traffic Mirroring, VPC Flow Logs, Transit Gateway Network Manager)
- Alert mechanisms (for example, CloudWatch alarms) Log creation in different AWS services (for example, VPC flow logs, load balancer access logs, CloudFront access logs)
- Log delivery mechanisms (for example, Amazon Kinesis, Route 53, CloudWatch)
- Mechanisms to audit network security configurations (for example, security groups, AWS Firewall Manager, AWS Trusted Advisor)
- Network encryption options that are available on AWS
- VPN connectivity over Direct Connect
- Encryption methods for data in transit (for example, IPsec)
- Network encryption under the AWS shared responsibility model
- Security methods for DNS communications (for example, DNSSEC)
| Fees Structure : | 12500 INR / 150 USD |
| Total No of Class : | 93 Video Class |
| Class Duration : | 47:30 Working Hours |
| Download Feature : | Download Avalable |
| Technical Support : | Call / Whatsapp : +91 8680961847 |
| Working Hours : | Monday to Firday 9 AM to 6 PM |
| Payment Mode : | Credit Card / Debit Card / NetBanking / Wallet (Gpay/Phonepay/Paytm/WhatsApp Pay) |
| Fees Structure : | 22500 INR / 270 USD |
| Class Duration : | 45 Days |
| Class Recording : | Live Class Recording available |
| Class Time : | Monday to Firday 1.5 hours per day / Weekend 3 Hours per day |
| Technical Support : | Call / Whatsapp : +91 8680961847 |
| Working Hours : | Monday to Firday 9 AM to 6 PM |
| Payment Mode : | Credit Card / Debit Card / NetBanking / Wallet (Gpay/Phonepay/Paytm/WhatsApp Pay) |
Zetlan Technologies, All right reserved.