ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Advanced Networking - Specialty ANS-C01 All Questions

View all questions & answers for the AWS Certified Advanced Networking - Specialty ANS-C01 exam
Go to Exam

Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 60 discussion

Exam question from Amazon's AWS Certified Advanced Networking - Specialty ANS-C01
Question #: 60
Topic #: 1
[All AWS Certified Advanced Networking - Specialty ANS-C01 Questions]

A network engineer is designing a hybrid architecture that uses a 1 Gbps AWS Direct Connect connection between the company's data center and two AWS Regions: us-east-1 and eu-west-1. The VPCs in us-east-1 are connected by a transit gateway and need to access several on-premises databases. According to company policy, only one VPC in eu-west-1 can be connected to one on-premises server. The on-premises network segments the traffic between the databases and the server.
How should the network engineer set up the Direct Connect connection to meet these requirements?

  • A. Create one hosted connection. Use a transit VIF to connect to the transit gateway in us-east-1. Use a private VIF to connect to the VPC in eu-west-1. Use one Direct. Connect gateway for both VIFs to route from the Direct Connect locations to the corresponding AWS Region along the path that has the lowest latency.
  • B. Create one hosted connection. Use a transit VIF to connect to the transit gateway in us-east-1. Use a private VIF to connect to the VPC in eu-west-1. Use two Direct Connect gateways, one for each VIF, to route from the Direct Connect locations to the corresponding AWS Region along the path that has the lowest latency.
  • C. Create one dedicated connection. Use a transit VIF to connect to the transit gateway in us-east-1. Use a private VIF to connect to the VPC in eu-west-1. Use one Direct Connect gateway for both VIFs to route from the Direct Connect locations to the corresponding AWS Region along the path that has the lowest latency.
  • D. Create one dedicated connection. Use a transit VIF to connect to the transit gateway in us-east-1. Use a private VIF to connect to the VPC in eu-west-1. Use two Direct Connect gateways, one for each VIF, to route from the Direct Connect locations to the corresponding AWS Region along the path that has the lowest latency.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by zaazanuna at March 19, 2023, 5:05 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
that1guy
Highly Voted 2 years ago
Selected Answer: D
A and B are wrong, Direct Connect *hosted* connections only support 1 VIF per connection, see: https://docs.aws.amazon.com/directconnect/latest/UserGuide/limits.html C is wrong, see: https://docs.aws.amazon.com/directconnect/latest/UserGuide/direct-connect-transit-gateways.html > "You cannot attach a Direct Connect gateway to a transit gateway when the Direct Connect gateway is already associated with a virtual private gateway or is attached to a private virtual interface."
upvoted 23 times
Raphaello
1 year ago
Well put.
upvoted 2 times
...
Tofu13
1 year, 7 months ago
As Mishranihal737 pointed out, the other way round should be possible, so imo the above explanation for why C is wrong is misleading, while still providing the right answer (D). Beyond statements are the key to solve the problem: 1. "VPCs in us-east-1 are connected by a transit gateway and need to access several on-premises databases" 2. "only one VPC in eu-west-1 can be connected to one on-premises server" Hence, the VPCs in us-east-1 are not allowed to access the server. Using only one DX gateway would break with the requirement described in 2. and break with the segmentation of DB and server, because: "A Direct Connect gateway is a globally available resource. You can connect to any Region globally using a Direct Connect gateway." https://docs.aws.amazon.com/directconnect/latest/UserGuide/direct-connect-gateways-intro.html
upvoted 2 times
...
Mishranihal737
1 year, 8 months ago
But we can do the other way round, connect to tgw first and then to vgw ?
upvoted 1 times
...
...
titi_r
Highly Voted 2 years ago
Selected Answer: D
A and B - wrong: a hosted connection supports a single VIF only. C - wrong: you cannot attach both a private VIF and a transit VIF to the same transit GW. D - correct.
upvoted 10 times
Mr_Marcus
2 years ago
Supporting A&B being wrong. https://help.mulesoft.com/s/article/Can-t-Create-More-Than-1-Virtual-Interface-VIF-In-A-Direct-Connect
upvoted 1 times
...
...
AzureDP900
Most Recent 3 months, 2 weeks ago
Selected Answer: D
This setup meets the requirements as follows: The dedicated connection allows for a more direct and secure connection between the on-premises network and the AWS Regions. Using two separate Direct Connect gateways, one for each VIF, ensures that traffic is routed to the corresponding AWS Region along the path with the lowest latency. This setup also allows for better isolation and security of the on-premises networks, as each connection is dedicated to a specific region.
upvoted 1 times
...
woorkim
5 months, 3 weeks ago
D is correct!
upvoted 2 times
...
Raphaello
1 year ago
Selected Answer: D
D is the correct answer. You cannot attach a Direct Connect gateway to a transit gateway when the Direct Connect gateway is already associated with a virtual private gateway or is attached to a private virtual interface.
upvoted 1 times
...
marfee
1 year, 2 months ago
I think that It's correct answer is D.
upvoted 1 times
...
Arad
1 year, 5 months ago
Selected Answer: D
D is the right answer.
upvoted 1 times
...
DeathFrmAbv
1 year, 9 months ago
D is the answer, but ideally in real life I would just use a transit gateway in the EU region as well and connect them to the same direct connect gateway instead of having to use two direct connect gateways due to mixing up private VIFS with transit VIFS
upvoted 2 times
...
study_aws1
2 years ago
One Hosted connection only supports a single VIF, not two VIFs. Option D) is the answer.
upvoted 4 times
...
helloworldabc
2 years ago
BBBBBBBBBBB
upvoted 2 times
...
zaazanuna
2 years ago
B - correct. This solution meets the requirements of the company by using a single Direct Connect connection with two VIFs, one connected to the transit gateway in us-east-1 and the other connected to the VPC in eu-west-1. Two Direct Connect gateways are used, one for each VIF, to route traffic from the Direct Connect location to the corresponding AWS Region along the path that has the lowest latency. This setup ensures that traffic between the VPCs in us-east-1 and on-premises databases is routed through the transit gateway, while traffic between the VPC in eu-west-1 and the on-premises server is routed directly through the private VIF.
upvoted 3 times
Spaurito
5 months, 3 weeks ago
B is correct. This meets the requirements.
upvoted 1 times
Spaurito
5 months ago
D - have to change. As per that1guy said, hosted connection only supports 1 VIF
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago