Topic 1 Question 463
A company has many services running in its on-premises data center. The data center is connected to AWS using AWS Direct Connect (DX) and an IPSec VPN. The service data is sensitive and connectivity cannot traverse the internet. The company wants to expand into a new market segment and begin offering its services to other companies that are using AWS.
Which solution will meet these requirements?
Create a VPC Endpoint Service that accepts TCP traffic, host it behind a Network Load Balancer, and make the service available over DX.
Create a VPC Endpoint Service that accepts HTTP or HTTPS traffic, host it behind an Application Load Balancer, and make the service available over DX.
Attach an internet gateway to the VPC, and ensure that network access control and security group rules allow the relevant inbound and outbound traffic.
Attach a NAT gateway to the VPC, and ensure that network access control and security group rules allow the relevant inbound and outbound traffic.
ユーザの投票
コメント(11)
- 正解だと思う選択肢: A
A This is a privatelink scenrio. Can't find a hard evidence but the Privatelink seem can only work with NLB. If need ALB, it will be Privatelink -> NLB -> ALB one evidence is the link lasithasilva709 posted another evidence is compare of ALB/NLB https://aws.amazon.com/elasticloadbalancing/features/?nc=sn&loc=2&dn=1 3rd evidence https://aws.amazon.com/about-aws/whats-new/2021/09/application-load-balancer-aws-privatelink-static-ip-addresses-network-load-balancer/
👍 4pangchn2024/03/25 - 正解だと思う選択肢: A
A is the correct option. There is no direct support for ALB with Private Link / VPC Endpoint service. ALB can be a target group for NLB so, we can use ALB with NLB but not ALB directly. Check this page for more details - https://aws.amazon.com/about-aws/whats-new/2021/09/application-load-balancer-aws-privatelink-static-ip-addresses-network-load-balancer/
👍 3backbencher20222024/08/26 - 正解だと思う選択肢: A
#C & #D are out given the connectivity cannot traverse the internet. #A enables secure VPC endpoint to privately expose to other companies' VPCs without traversing the internet, and TCP to provide more controlled and secure comm protocol for sensitive data
👍 2CMMC2024/03/19
シャッフルモード