ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Advanced Networking - Specialty ANS-C01 All Questions

View all questions & answers for the AWS Certified Advanced Networking - Specialty ANS-C01 exam
Go to Exam

Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 244 discussion

Exam question from Amazon's AWS Certified Advanced Networking - Specialty ANS-C01
Question #: 244
Topic #: 1
[All AWS Certified Advanced Networking - Specialty ANS-C01 Questions]

A company is planning to migrate to AWS and use multiple VPCs in multiple AWS Regions. A network engineer must connect the eu-west-1 and eu-central-1 Regions to the company headquarters and branch office, respectively.

The network engineer created a production VPC, named Prod A, with a CIDR block of 10.0.0.0/16. Prod A runs in an account in eu-west-1. The network engineer then created another production VPC, named Prod B, with a CIDR block of 10.1.0.0/16. Prod В runs in a different account in eu-central-1.

The network engineer performed the following steps to try to achieve the required connectivity:
1. Created one transit gateway in each Region
2. Shared and accepted the transit gateways with the production accounts in both Regions
3. Configured the peering attachment between both transit gateways
4. Attached both VPCs to the respective Region transit gateway
5. Created both transit gateway route tables and associated the attachments with the route tables
6. Configured a static route in both transit gateway route tables to send traffic to the remote VPC in the other Region
7. Activated route propagation on the VPC route tables in each Region

After the configuration, the network engineer tried to connect from Prod A to Prod B. However, the connection was unsuccessful.

What should the network engineer do to achieve the required connectivity?

  • A. Modify the IP address of the peering attachment to a wider range.
  • B. Delete the static routes that were in the transit gateway route table to send traffic to the remote VPC and enable route propagation instead.
  • C. Create a new route destined to 10.0.0.0/8 in both production VPC route tables with the Region transit gateway as the target.
  • D. Modify the transit gateway route tables from the production accounts to propagate routes dynamically between the production VPCs.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by c1193d4 at Jan. 6, 2025, 4:53 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
secdaddy
2 months, 3 weeks ago
Selected Answer: C
A ❌ Eliminate TGW peering attachments don’t have IP addresses. B ❌ Eliminate TGW peering requires static routes; propagation is not supported. C ⚠️ Technically Valid (but bad design) Broad CIDR route (10.0.0.0/8) works but is ugly. D ❌ Eliminate Cannot propagate routes dynamically between VPCs.
upvoted 2 times
...
woorkim
3 months, 2 weeks ago
Selected Answer: C
C is correct because: Adding a route for 10.0.0.0/8 in both VPC route tables pointing to the transit gateway will: Enable traffic to flow between the VPCs Cover both VPC CIDR ranges (10.0.0.0/16 and 10.1.0.0/16) Complete the routing path in both directions
upvoted 1 times
...
c1193d4
3 months, 3 weeks ago
Selected Answer: C
C: because TGW routes are NOT propagated to VPC route tables (manual update as to take place)
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago