Topic 1 Question 196
A company has an application that runs on premises. The application needs to communicate with an application that runs in a VPC on AWS. The communication between the applications must be encrypted and must use private IP addresses. The communication cannot travel across the public internet.
The company has established a 1 Gbps AWS Direct Connect connection between the on-premises location and AWS.
Which solution will meet the connectivity requirements with the LEAST operational overhead?
A. Configure a private VIF on the Direct Connect connection. Associate the private VIF with the VPC's virtual private gateway. Set up an AWS Site-to-Site VPN private IP VPN connection to the virtual private gateway.
B. Create a transit gateway. Configure a transit VIF on the Direct Connect connection. Associate the transit VIF with a Direct Connect gateway. Associate the Direct Connect gateway with a new transit gateway. Set up an AWS Site-to-Site VPN private IP VPN connection to the transit gateway.
C. Configure a public VIF on the Direct Connect connection. Associate the public VIF with a Direct Connect gateway. Associate the Direct Connect gateway with a new transit gateway. Set up an AWS Site-to-Site VPN private IP VPN connection to the transit gateway.
D. Create a transit gateway. Configure a transit VIF on the Direct Connect connection. Associate the transit VIF with a Direct Connect gateway. Associate the Direct Connect gateway with a new transit gateway. Set up a third-party firewall in a new VPC that is attached to the transit gateway. Set up a VPN connection to the third-party firewall.
Comments (10)
- Selected answer: A
Least operational overhead. No need for a transit gateway since there is just 1 VPC. Use Site-to-Site to ensure encryption. No public VIF.
👍 4 vic614 2024/05/30
- Selected answer: B
Private VIFs are used to establish private connectivity between your on-premises network and your VPCs in AWS without traversing the public internet. They are typically used for scenarios where you need dedicated, private communication between your on-premises infrastructure and your AWS resources.
However, to establish a Site-to-Site VPN connection, you need to configure a virtual private gateway (VGW) in your VPC. The VGW acts as the VPN endpoint in the AWS cloud. Site-to-Site VPN connections are established between the VGW and your on-premises VPN device or network.
Option B is correct
👍 4 strike3test 2024/06/13
Agree, A is least overhead to implement.
👍 3 AXH 2024/06/07