Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional SAP-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional SAP-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 340 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional SAP-C02
Question #: 340
Topic #: 1
[All AWS Certified Solutions Architect - Professional SAP-C02 Questions]

A company operates a fleet of servers on premises and operates a fleet of Amazon EC2 instances in its organization in AWS Organizations. The company's AWS accounts contain hundreds of VPCs. The company wants to connect its AWS accounts to its on-premises network. AWS Site-to-Site VPN connections are already established to a single AWS account. The company wants to control which VPCs can communicate with other VPCs.

Which combination of steps will achieve this level of control with the LEAST operational effort? (Choose three.)

  • A. Create a transit gateway in an AWS account. Share the transit gateway across accounts by using AWS Resource Access Manager (AWS RAM).
  • B. Configure attachments to all VPCs and VPNs.
  • C. Setup transit gateway route tables. Associate the VPCs and VPNs with the route tables.
  • D. Configure VPC peering between the VPCs.
  • E. Configure attachments between the VPCs and VPNs.
  • F. Setup route tables on the VPCs and VPNs.
Show Suggested Answer Hide Answer
Suggested Answer: ABC 🗳️
by devalenzuela86 at Nov. 21, 2023, 10:08 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
HappyPrince
Highly Voted 11 months ago
Selected Answer: ABC
As transit gateway follows a hub and spoke model connecting all VPCs and VPNs to it makes more sense. Moreover, between VPCs and VPNs is invalid.
upvoted 15 times
...
HunkyBunky
Highly Voted 11 months, 3 weeks ago
Selected Answer: ACE
I guess ACE. The company wants to control which VPC will communicate with other VPC, that means that we don't need to setup attachment for all VPCs
upvoted 10 times
devalenzuela86
11 months, 3 weeks ago
Option E proposes configuring attachments between the VPCs and VPNs. This option is necessary to connect the VPCs and VPNs to the transit gateway.
upvoted 3 times
...
...
Daniel76
Most Recent 1 week, 5 days ago
why i dont choose: D - VPC peering not feasible for hundreds of VPCs E and F, the attachments and route tables should be done on the transit gateways, not on the VPCs and VPNs.
upvoted 2 times
...
Danm86
2 weeks, 2 days ago
Answer ABC is correct. Since C has route tables, which gives Organization to control which VPC can communicate
upvoted 1 times
...
JoeTromundo
1 month ago
Selected Answer: ABC
For those who think that, in relation to the requirement "The company wants to control which VPCs can communicate with other VPCs", option E would be correct, in fact this will be possible through letter C, therefore the answer is A, B, C.
upvoted 1 times
...
vip2
3 months, 3 weeks ago
Selected Answer: ABC
C is correct instea of E because all VPCs and VPN attach to Transit-GW
upvoted 1 times
...
053081f
4 months, 1 week ago
Selected Answer: ACE
The question and opitons include (or lack) some typo errors. E should be "Configure 'transit gateway' attachments between the VPCs and VPNs." Then, I think ABE is correct, not ABC. The company wants to control "which VPCs can communicate with other VPCs." It doesn't say "all VPCs and VPNs.".
upvoted 1 times
053081f
4 months, 1 week ago
Sorry I think ACE is correct, not ABC.
upvoted 1 times
...
...
seetpt
6 months, 2 weeks ago
Selected Answer: ABC
ABC for me
upvoted 3 times
...
VerRi
7 months, 4 weeks ago
Selected Answer: ACE
We don't need "all"
upvoted 3 times
...
hogtrough
8 months, 1 week ago
Selected Answer: ABC
E. You don't configure attachments between VPCs and VPNs, you configure attachments to both VPCs and VPN from the transit gateway, thus B.
upvoted 6 times
...
arberod
9 months ago
Selected Answer: ACE
It is ACE
upvoted 1 times
...
tmlong18
10 months ago
Selected Answer: ABC
I go ABC
upvoted 4 times
...
vibzr2023
10 months, 1 week ago
My Answer "ACE" Why B is correct? The question asks "The company wants to control which VPCs can communicate with other VPCs" Saying that Option B is "Involves attaching every single VPC and VPN within the organization directly to the Transit Gateway" where as Option C focuses on "establishing attachments only between the VPCs that need to communicate with each other and the VPN gateway" Can one explain why B is correct?
upvoted 1 times
vibzr2023
10 months, 1 week ago
Typo... I mean Option E Option E... focuses on "establishing attachments only between the VPCs that need to communicate with each other and the VPN gateway" Can anyone explain why B is correct?
upvoted 1 times
...
...
career360guru
10 months, 1 week ago
Selected Answer: ABC
Option A, B, C. Option E looks feasible instead of B but that is not a requirement as company only wants to control VPC to VPC communication.
upvoted 6 times
...
ayadmawla
11 months, 1 week ago
Selected Answer: ABC
ABC - we need to read the answers as a combination of steps.
upvoted 5 times
ayadmawla
11 months ago
One issue though that in order to control which VPC talks to which one, we need to setup route tables on each VPC (E) and not on the transit VPC (C) as that need to be light. So I am thinking that the choice should be ABE and not ABC. The specific use case is not mentioned here but this link should give an idea of how route tables need to be configured. https://docs.aws.amazon.com/vpc/latest/tgw/TGW_Scenarios.html
upvoted 1 times
ayadmawla
11 months ago
This article suggests the use of NACL to control inter-vpc traffic but that option is not available in the question (although there is another question that brings it up) https://intuitive.cloud/blog/securing-multi-vpc-connectivity-with-aws-transit-gateway-#:~:text=Use%20security%20groups%20and%20NACLs,connected%20to%20the%20Transit%20Gateway.
upvoted 1 times
...
...
...
shaaam80
11 months, 2 weeks ago
Selected Answer: ABC
Answer - ABC
upvoted 5 times
...
shaaam80
11 months, 3 weeks ago
Selected Answer: ACE
ACE. Option B mentions attaching 'all' VPCs, might not suggest control of what VPCs the company wants to include communcation
upvoted 3 times
shaaam80
11 months, 2 weeks ago
I stand corrected! Answer should be ABC. B- Configure attachments to all VPCs and VPNs. This is the TGW attachments to all VPCs and VPNs. E - Configure attachments between the VPCs and VPNs - WRONG!!
upvoted 2 times
...
...
Load full discussion...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel