Topic 1 Question 128

AWS Certified Advanced Networking - Specialty

Topic 1 Question 128
A consulting company manages AWS accounts for its customers. One of the company's customers needs to add intrusion prevention for its environment without having to re-architect the environment. The customer's environment includes five VPCs in two AWS Regions in the United States. VPC-to-VPC connectivity is achieved through VPC peering. The customer does not plan to increase the number of VPCs within the next 2 years. The solution must accommodate unencrypted traffic.

Which solution will meet these requirements?
- Configure VPC security groups and network ACLs.
- Use an AWS Network Firewall centralized deployment model in each VPC.
- Use an AWS Network Firewall distributed deployment model in each VPC.
- Deploy AWS Shield in each VPC.
ユーザの投票
コメント(9)
- 正解だと思う選択肢: C
  Nope, you can't do centralized deployment. "For centralized deployment model, AWS Transit Gateway is a prerequisite."
  
  https://aws.amazon.com/blogs/networking-and-content-delivery/deployment-models-for-aws-network-firewall/
  
  👍 9
  lygf2023/06/16
- 正解だと思う選択肢: C
  For centralized deployment model, AWS Transit Gateway is a prerequisite. Cannot add a new Shared VPC which is required for Centralized deployment.
  
  👍 5
  Josh12172023/07/12
- 正解だと思う選択肢: B
  https://aws.amazon.com/blogs/networking-and-content-delivery/deployment-models-for-aws-network-firewall/
  
  👍 3
  Balasmaniam2023/06/11
シャッフルモード

ユーザの投票

コメント(9)