Topic 1 Question 219
A company uses the us-east-1 Region and the ap-south-1 Region for its business units (BUs). The BUS are named BU-1 and BU-Z. For each BU, there are two VPCs in us-east-1 and one VPC in ap-south-1.
Because of workload isolation requirements, resources can communicate within the same BU but cannot communicate with resources in the other BU. The company plans to add more BUs and plans to expand into more Regions
Which solution will meet these requirements with the MOST operational efficiency?
Configure an AWS Cloud WAN network that operates in the required Regions. Attach all BU VPCs to the AWS Cloud WAN core network. Update the AWS Cloud WAN segment actions to configure new routes to deny traffic between the different BU segments.
Configure a transit gateway in each Region. Configure peering between the transit gateways. Attach the BU VPCs to the transit gateway in the corresponding Region. Configure the transit gateway and VPC route tables to isolate traffic between BU VPCs.
Configure an AWS Cloud WAN network that operates in the required Regions. Attach all BU VPCs to the AWS Cloud WAN core network. Update the core network policy by setting the isolate-attachments parameter for each segment.
Configure an AWS Cloud WAN network that operates in the required Regions. Create AWS Cloud WAN segments for each BU Configure VPC attachments for each BU’s VPCs to the corresponding BU segment.
ユーザの投票
コメント(4)
- 正解だと思う選択肢: D
D, I agree
👍 3qomtodie2024/08/30 - 正解だと思う選択肢: D
D, since segment level isolation is the best option for traffic level isolation.
👍 2ArunRav2024/11/18 - 正解だと思う選択肢: D
A. Using segment actions to deny traffic is less efficient and error-prone compared to using segments for isolation. B. Scaling to multiple BUs and Regions would require more peering connections, route table configurations, and ongoing maintenance. C. isolate-attachments parameter only isolates individual VPC attachments within a single segment. It does not provide logical separation between BUs.
👍 2woorkim2024/12/16
シャッフルモード