Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Advanced Networking - Specialty ANS-C01 All Questions

View all questions & answers for the AWS Certified Advanced Networking - Specialty ANS-C01 exam
Go to Exam

Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 9 discussion

Exam question from Amazon's AWS Certified Advanced Networking - Specialty ANS-C01
Question #: 9
Topic #: 1
[All AWS Certified Advanced Networking - Specialty ANS-C01 Questions]

A banking company is successfully operating its public mobile banking stack on AWS. The mobile banking stack is deployed in a VPC that includes private subnets and public subnets. The company is using IPv4 networking and has not deployed or supported IPv6 in the environment. The company has decided to adopt a third-party service provider's API and must integrate the API with the existing environment. The service provider’s API requires the use of IPv6.
A network engineer must turn on IPv6 connectivity for the existing workload that is deployed in a private subnet. The company does not want to permit IPv6 traffic from the public internet and mandates that the company's servers must initiate all IPv6 connectivity. The network engineer turns on IPv6 in the VPC and in the private subnets.
Which solution will meet these requirements?

  • A. Create an internet gateway and a NAT gateway in the VPC. Add a route to the existing subnet route tables to point IPv6 traffic to the NAT gateway.
  • B. Create an internet gateway and a NAT instance in the VPC. Add a route to the existing subnet route tables to point IPv6 traffic to the NAT instance.
  • C. Create an egress-only Internet gateway in the VPAdd a route to the existing subnet route tables to point IPv6 traffic to the egress-only internet gateway.
  • D. Create an egress-only internet gateway in the VPC. Configure a security group that denies all inbound traffic. Associate the security group with the egress-only internet gateway.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by zaazanuna at March 18, 2023, 6:11 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
study_aws1
Highly Voted 1 year, 6 months ago
Answer is C
upvoted 12 times
...
NoAwsSupport
Highly Voted 1 year, 2 months ago
A. NAT Gateway does not support IPv6 B. NAT Instance will be on Public subnet where IPv6 is not enabled. c. Works d. You don't to explicitly deny inbound access to EO GW. It is its default functionality.
upvoted 8 times
vinay777
1 year ago
Incorrect, NAT gateway support ipv6 traffic https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html
upvoted 2 times
WMF0187
1 year ago
NAT64 enables your IPv6-only services in Amazon VPCs to communicate with IPv4-only services within the same VPC (in different subnets) or connected VPCs, in your on-premises networks, or over the internet. NAT64 helps your IPv6 AWS resources communicate with IPv4 resources in the same VPC or a different VPC, in your on-premises network or over the internet.
upvoted 1 times
...
...
...
AlirezaNetWorld
Most Recent 3 weeks, 1 day ago
C is the right answer 100%
upvoted 1 times
...
Raphaello
5 months, 2 weeks ago
Selected Answer: C
C is the correct answer. Egress-only internet gw.
upvoted 2 times
...
patanjali
6 months, 2 weeks ago
Answer is C As per https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway.html - An egress-only internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows outbound communication over IPv6 from instances in your VPC to the internet, and prevents the internet from initiating an IPv6 connection with your instances. - An egress-only internet gateway is for use with IPv6 traffic only. To enable outbound-only internet communication over IPv4, use a NAT gateway instead.
upvoted 1 times
...
vikasj1in
7 months, 1 week ago
Selected Answer: C
To meet the requirements of allowing the company's servers to initiate all IPv6 connectivity and not permitting IPv6 traffic from the public internet, you can use an egress-only Internet gateway. The egress-only Internet gateway is used for outbound communication initiated by the instances in the private subnet over IPv6. It allows the instances in the private subnet to communicate with the IPv6-enabled service provider's API while preventing incoming IPv6 traffic from the public internet.
upvoted 1 times
...
Marfee400704
7 months, 1 week ago
I think that it's correct answer is C according to SPOTO products.
upvoted 1 times
...
FayeG
10 months, 3 weeks ago
Selected Answer: C
C is the correct answer
upvoted 1 times
...
MEDES
12 months ago
NAT64 enables your IPv6-only services in Amazon VPCs to communicate with IPv4-only services within the same VPC (in different subnets) or connected VPCs, in your on-premises networks, or over the internet. NAT64 helps your IPv6 AWS resources communicate with IPv4 resources in the same VPC or a different VPC, in your on-premises network or over the internet.
upvoted 1 times
...
cmthiru
1 year, 1 month ago
Answer C
upvoted 1 times
...
demoras
1 year, 3 months ago
Selected Answer: C
Answer is C
upvoted 2 times
...
notwhoyouthink
1 year, 4 months ago
New here, but discouraged since it seems like the answers are mostly wrong or misleading.
upvoted 3 times
...
emmanuelodenyire
1 year, 4 months ago
Selected Answer: C
Option C is the correct answer because it suggests creating an egress-only Internet gateway in the VPC and adding a route to the existing subnet route tables to point IPv6 traffic to the egress-only internet gateway. This meets the requirement of not allowing IPv6 traffic from the public internet and mandates that the company's servers must initiate all IPv6 connectivity. The egress-only Internet gateway allows outbound communication over IPv6, but blocks inbound traffic.
upvoted 2 times
...
bogehad181
1 year, 5 months ago
Selected Answer: C
C: https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway.html
upvoted 3 times
...
Untamables
1 year, 5 months ago
Selected Answer: C
No doubt C. The egress-only internet gateway is a typical solution for IPv6.
upvoted 3 times
...
ohcan
1 year, 5 months ago
Selected Answer: B
I think B is correct. NAT instance is built over a EC2, so it supports IPv6.
upvoted 2 times
zaazanuna
1 year, 5 months ago
why would you deal with NAT Instance? it is pain in ass
upvoted 3 times
...
...
Jotoval
1 year, 5 months ago
C, https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway.html egress only internet gateway avoid internet initiate the traffic
upvoted 2 times
...
Load full discussion...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel