AWS ANS-C01 glossary of networking, resilience, failover terms, traps, and decision cues.
Use this glossary when AWS Certified Advanced Networking - Specialty (ANS-C01) terms start to blur together. The goal is practical recognition, not encyclopedia coverage.
| Term | Exam meaning |
|---|---|
| Transit Gateway | Regional hub for connecting VPCs and on-premises networks. |
| BGP | Dynamic routing protocol commonly used with VPN and Direct Connect. |
| NAT gateway | Managed outbound internet path for private subnets. |
| Security group | Stateful instance or interface-level firewall. |
| NACL | Stateless subnet-level network ACL. |
| Gateway Load Balancer | Load balancer pattern for inserting and scaling network appliances. |
| Pair | How to separate them |
|---|---|
| VPC design and routing vs Hybrid connectivity | Ask which layer the scenario is testing, then match the answer to that layer only. |
| Control vs evidence | A control changes behavior; evidence proves behavior or supports investigation. |
| Managed service vs custom build | Managed services win for lower operational effort unless the requirement needs unsupported customization. |
| Prevention vs detection | Prevention blocks or reduces a bad event; detection finds or reports that it happened. |
Do not memorize terms in isolation. For each term, write one scenario where it is the best answer, one scenario where it is a distractor, and one signal that proves it worked.