Topic 1 Question 139
3 つ選択A company has an AWS environment that includes multiple VPCs that are connected by a transit gateway. The company has decided to use AWS Site-to-Site VPN to establish connectivity between its on-premises network and its AWS environment.
The company does not have a static public IP address for its on-premises network. A network engineer must implement a solution to initiate the VPN connection on the AWS side of the connection for traffic from the AWS environment to the on-premises network.
Which combination of steps should the network engineer take to establish VPN connectivity between the transit gateway and the on-premises network?
Configure the Site-to-Site VPN tunnel options to use Internet Key Exchange version 1 (IKEv1).
Configure the Site-to-Site VPN tunnel options to use Internet Key Exchange version 2 (IKEv2).
Use a private certificate authority (CA) from AWS Private Certificate Authority to create a certificate.
Use a public certificate authority (CA) from AWS Private Certificate Authority to create a certificate.
Create a customer gateway. Specify the current dynamic IP address of the customer gateway device’s external interface.
Create a customer gateway without specifying the IP address of the customer gateway device.
ユーザの投票
コメント(14)
- 正解だと思う選択肢: BCF
BCF is the right answer.
👍 9AJ74282023/06/15 For people who said F is wrong, please read this 'An IP address is not required when you are using a private certificate from AWS Private Certificate Authority.' https://docs.aws.amazon.com/vpn/latest/s2svpn/cgw-options.html
👍 7Neo002023/07/18- 正解だと思う選択肢: BCE
BCE is the right combination
👍 4Pratap2023/06/09
シャッフルモード