Topic 1 Question 476
A software development company has multiple engineers who are working remotely. The company is running Active Directory Domain Services (AD DS) on an Amazon EC2 instance. The company's security policy states that all internal, nonpublic services that are deployed in a VPC must be accessible through a VPN. Multi-factor authentication (MFA) must be used for access to a VPN.
What should a solutions architect do to meet these requirements?
Create an AWS Site-to-Site VPN connection. Configure integration between a VPN and AD DS. Use an Amazon WorkSpaces client with MFA support enabled to establish a VPN connection.
Create an AWS Client VPN endpoint. Create an AD Connector directory for integration with AD DS. Enable MFA for AD Connector. Use AWS Client VPN to establish a VPN connection.
Create multiple AWS Site-to-Site VPN connections by using AWS VPN CloudHub. Configure integration between AWS VPN CloudHub and AD DS. Use AWS Copilot to establish a VPN connection.
Create an Amazon WorkLink endpoint. Configure integration between Amazon WorkLink and AD DS. Enable MFA in Amazon WorkLink. Use AWS Client VPN to establish a VPN connection.
ユーザの投票
コメント(7)
- 正解だと思う選択肢: B
#A - workspaces client for remote desktop access and not for VPN #C - AWS VPN CloudHub for connecting multiple on-premises or offices, and not for individual VPN connection #D - WorkLink for secure access from mobile devices and not for VPN connection
👍 4CMMC2024/03/19 - 正解だと思う選択肢: B
A: Site-to-Site VPN is for connecting networks, not giving users access. B is correct. C is rubbish: AWS Copilot is for deploying containers (and it's bloody good!) D is also rubbish: WorkLink is for website and webapp access, not VPN access.
👍 4Dgix2024/03/20 - 正解だと思う選択肢: B
has to be B
👍 2oayoade2024/03/19
シャッフルモード