ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 235 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 235
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A company hired an external consultant who needs to use a laptop to access the company’s VPCs. Specifically, the consultant needs access to two VPCs that are peered together in the same AWS Region. The company wants to provide the consultant with access to these VPCs without also providing any unnecessary access to other network resources.

Which solution will meet these requirements?

  • A. Create an AWS Site-to-Site VPN endpoint in the same Region as the VPCs. Configure access through an appropriate subnet and authorization rule.
  • B. Create an AWS account. Use the VPC sharing feature through AWS Resource Access Manager to allow the consultant to access the VPCs.
  • C. Create an AWS Client VPN endpoint in the same Region as the VPCs. Configure access through an appropriate subnet and authorization rule.
  • D. Create a gateway VPC endpoint in the same Region as the VPCs. Configure access through an appropriate subnet and authorization rule.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by IPLogic at Dec. 5, 2024, 5:05 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
IPLogic
4 months, 3 weeks ago
Selected Answer: C
The best solution to meet the company's requirements while ensuring secure access for the external consultant without providing unnecessary access to other network resources is: C. Create an AWS Client VPN endpoint in the same Region as the VPCs. Configure access through an appropriate subnet and authorization rule.
upvoted 1 times
IPLogic
4 months, 3 weeks ago
Option A (AWS Site-to-Site VPN) is more suitable for connecting entire networks, such as between an on-premises data center and the AWS cloud, not for individual user access. Option B (VPC Sharing) allows for resource sharing within the same AWS account or across AWS accounts but does not specifically address secure access for an external consultant. Option D (Gateway VPC Endpoint) is typically used to access AWS services such as S3 and DynamoDB privately, without traversing the internet, and does not provide a mechanism for connecting an external user to VPCs.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago