Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Advanced Networking - Specialty ANS-C01 All Questions

View all questions & answers for the AWS Certified Advanced Networking - Specialty ANS-C01 exam
Go to Exam

Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 91 discussion

Exam question from Amazon's AWS Certified Advanced Networking - Specialty ANS-C01
Question #: 91
Topic #: 1
[All AWS Certified Advanced Networking - Specialty ANS-C01 Questions]

A company needs to transfer data between its VPC and its on-premises data center. The data must travel through a connection that has dedicated bandwidth. The data also must be encrypted in transit. The company has been working with an AWS Partner Network (APN) Partner to establish the connection.

Which combination of steps will meet these requirements? (Choose three.)

  • A. Request a hosted connection from the APN Partner.
  • B. Request a hosted public VIF from the APN Partner.
  • C. Create an AWS Site-to-Site VPN connection.
  • D. Create an AWS Client VPN connection.
  • E. Create a private VIF.
  • F. Create a public VIF.
Show Suggested Answer Hide Answer
Suggested Answer: ACF 🗳️
by lygf at June 6, 2023, 4:32 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
lygf
Highly Voted 1 year, 5 months ago
Selected Answer: ACF
You need public VIF in order to create a Site-to-Site VPN connection.
upvoted 17 times
...
Spaurito
Most Recent 6 days, 6 hours ago
ACE - Private VIF for the connection with Private IP VPN as per https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-aws-site-to-site-vpn-private-ip-vpns/
upvoted 1 times
...
hedglin
3 months, 1 week ago
Correct Answer : ACE. Option F is wrong. Private VIF (Virtual Interface) is the appropriate type of VIF for connecting to a VPC, as opposed to a public VIF which is used for accessing public AWS services.
upvoted 1 times
...
michele_scar
8 months, 2 weeks ago
Selected Answer: ACF
The PRIVATE VIF as a distractor is so bad :D
upvoted 2 times
Spaurito
2 days, 5 hours ago
I agree. A distractor for sure. So the question doesn't define private or public IP addressing. The only clue to me is the dedicated bandwidth which leads me to the Private VIF
upvoted 1 times
...
...
Marfee400704
8 months, 3 weeks ago
I think that it's correct answer is ACE according to SPOTO products.
upvoted 1 times
...
cumzle_com
11 months, 1 week ago
Selected Answer: ACF
Private IP VPN is deployed on top of Transit VIFs, so it allows you to use AWS Transit Gateway for centralized management of customers’ Virtual Private Clouds (VPCs) and connections to the on-premises networks in a more secured, private and scalable manner.
upvoted 3 times
...
Tofu13
1 year, 2 months ago
Selected Answer: ACF
U need a public VIF because traditionally the VPN tunnels in S2S VPN use public IPs. However, since last year it is possible to use private IPs as well with a transit VIF. https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-aws-site-to-site-vpn-private-ip-vpns/
upvoted 2 times
...
evargasbrz
1 year, 2 months ago
Selected Answer: ACF
ACF is the right option here. If we had a TGW, we could consider the following: Private IP VPN is deployed on top of Transit VIFs, so it allows you to use AWS Transit Gateway for centralized management of customers’ Virtual Private Clouds (VPCs) and connections to the on-premises networks in a more secured, private and scalable manner." so, you must use a public VIF in order to create a Site-to-Site VPN connection
upvoted 3 times
...
TravelKo
1 year, 4 months ago
ACF is correct. You need transit VIF for private VPN.
upvoted 4 times
...
Wiss7
1 year, 4 months ago
Selected Answer: ACF
IPsec on DX is either on Transit VIF or Public VIF
upvoted 4 times
...
JosMo
1 year, 4 months ago
Selected Answer: ACE
you don't need a public VIF for this, so F is wrong
upvoted 4 times
JosMo
1 year, 4 months ago
quote "That’s why we are announcing Private IP VPN, a new feature that provides customers the ability to deploy AWS Site-to-Site VPN connections over Direct Connect using private IP addresses (RFC1918). With this feature, customers can encrypt traffic between their on-premises networks and AWS via Direct Connect connections without the need for public IP addresses, thus enabling enhanced security and network privacy at the same time. Private IP VPN is deployed on top of Transit VIFs, so it allows you to use AWS Transit Gateway for centralized management of customers’ Virtual Private Clouds (VPCs) and connections to the on-premises networks in a more secured, private and scalable manner." https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-aws-site-to-site-vpn-private-ip-vpns/
upvoted 2 times
Cheam
1 year ago
"Private IP VPN is deployed on top of Transit VIFs" - there's no Transit VIF in the answer choices, so the answer is ACF. All the best.
upvoted 2 times
...
cumzle_com
11 months, 1 week ago
Private IP VPN is deployed on top of Transit VIFs, so it allows you to use AWS Transit Gateway for centralized management of customers’ Virtual Private Clouds (VPCs) and connections to the on-premises networks in a more secured, private and scalable manner.
upvoted 1 times
...
...
...
Balasmaniam
1 year, 5 months ago
A Private IP VPN connection requires a Direct Connect gateway and a Transit VIF as the underlying transport. https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-aws-site-to-site-vpn-private-ip-vpns/
upvoted 1 times
Balasmaniam
1 year, 5 months ago
Answer : ACF
upvoted 4 times
...
...
takecoffe
1 year, 5 months ago
Selected Answer: ACE
ou can now create AWS Site-to-Site VPN connections on top of a Direct Connect connection using private IPs. Previously, customers had to use Public VIFs to achieve this traffic encryption, and therefore were forced to use public IP addresses for VPN endpoints. The usage of public IPs increases the probability of external attacks compelling customers to deploy additional security equipment for network protection. The Private IP VPN feature provides end-to-end private connectivity in addition to traffic encryption, improving the overall security posture.
upvoted 4 times
lygf
1 year, 5 months ago
"The private IP VPN feature allows encryption over AWS Direct Connect transit VIFs (instead of public VIFs), coupled with the ability to configure private IPs. This provides end-to-end private connectivity in addition to encryption, improving the overall security posture." You still need public VIF or transit VIF https://docs.aws.amazon.com/vpn/latest/s2svpn/private-ip-dx.html
upvoted 3 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel