Exam ANS-C00 topic 1 question 243 discussion

Exam question from Amazon's ANS-C00
Question #: 243
Topic #: 1

In your current role as the corporate network architect, you have decided to replace your existing hardware firewall appliances with a pair of Juniper SRX-Series Services Gateways. You have chosen these as AWS lists these as supportable devices for establishing IPsec connections. With this in mind, select the minimum set of options to ensure that you can establish IPsec connectivity between your on premise private corporate network and your AWS hosted VPC.
Select which option is NOT required.

  • A. Initiate network connections from somewhere within your corporate network, this is required to bring the tunnels UP
  • B. Deploy a Customer Gateway within your corporate network
  • C. Deploy a Customer Gateway within your VPC
  • D. Deploy a Virtual Private Gateway within your VPC
Suggested Answer: B
A customer gateway within the corporate network is NOT required. The Customer Gateway (CGW) is a component that you deploy within your VPC that logically represents your VPN physical hardware's perimeter public IP; therefore Answer C is required. A Virtual Private Gateway (VPG) is the AWS VPN concentrator endpoint and is always a requirement that needs to be deployed in your VPC; therefore Answer D is required.
AWS only supports IPsec in Tunnel mode; therefore Answer A is required.
Reference:
https://aws.amazon.com/vpc/faqs/
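
The AWS-side pieces named in the explanation above, written out as a CloudFormation template. This is an added example, not part of the original page or of any AWS-published template; the parameter names, the 203.0.113.10 address, the 10.50.0.0/16 prefix and ASN 65000 are constructed placeholders.

```yaml
# Added example: the AWS-side resources of a Site-to-Site VPN.
AWSTemplateFormatVersion: "2010-09-09"
Description: Site-to-Site VPN resources created in AWS (illustrative names and defaults)
Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id
  OnPremDevicePublicIp:
    Type: String
    Default: 203.0.113.10      # constructed placeholder (documentation range)
  OnPremCidr:
    Type: String
    Default: 10.50.0.0/16      # constructed placeholder for the corporate network
Resources:
  # Logical record of the on-premises device: it stores only the device's
  # public IP and ASN. The physical SRX stays in the corporate network.
  CustomerGateway:
    Type: AWS::EC2::CustomerGateway
    Properties:
      Type: ipsec.1
      IpAddress: !Ref OnPremDevicePublicIp
      BgpAsn: 65000            # assumed private ASN; static routing is used below
  # AWS-side VPN concentrator endpoint.
  VirtualPrivateGateway:
    Type: AWS::EC2::VPNGateway
    Properties:
      Type: ipsec.1
  VgwAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VpcId
      VpnGatewayId: !Ref VirtualPrivateGateway
  # Ties the two logical endpoints together; AWS provisions the tunnels from this.
  VpnConnection:
    Type: AWS::EC2::VPNConnection
    DependsOn: VgwAttachment
    Properties:
      Type: ipsec.1
      CustomerGatewayId: !Ref CustomerGateway
      VpnGatewayId: !Ref VirtualPrivateGateway
      StaticRoutesOnly: true
  # Static route telling the VPN connection which prefix lives on-premises.
  OnPremRoute:
    Type: AWS::EC2::VPNConnectionRoute
    Properties:
      VpnConnectionId: !Ref VpnConnection
      DestinationCidrBlock: !Ref OnPremCidr
```

Every resource in the template is created in the AWS account; the only on-premises input is the public IP address of the device.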

Comments

halfway
Highly Voted 2 years, 3 months ago
Selected Answer: B
'Customer Gateway' is a logical resource in AWS VPC https://docs.aws.amazon.com/vpn/latest/s2svpn/SetUpVPNConnections.html#vpn-create-cgw
upvoted 5 times
...
haint
Most Recent 1 year, 10 months ago
C is the correct answer, obviously. Customer gateway will be deployed in customer site, not in VPC. In VPC, we just create a customer gateway with its public IP information. This step is to provide the remote IP address of customer site with AWS only.
upvoted 1 times
...
shacky
1 year, 12 months ago
Selected Answer: C
It's a weird question. A customer gateway is a resource that you create in AWS that represents the customer gateway device in your on-premises network. In my opinion it should be C.
upvoted 1 times
...
ptpho
2 years, 6 months ago
Ans B. Deploy a Customer Gateway within your corporate network { C. Deploy a Customer Gateway within your VPC is correct - CGW in AWS which added to represent for on-prems network Router (cooperated RT will be configured to route on-prems nw to CGW) - CGW device is set-up at on-prems as Router on your side for the Site-to-Site VPN connection with AWS }
upvoted 4 times
...
ChauPhan
2 years, 7 months ago
C. Deploy a Customer Gateway within your VPC???
upvoted 3 times
...
student2020
2 years, 7 months ago
Customer gateway: An AWS resource which provides information to AWS about your customer gateway device. Customer gateway device: A physical device or software application on your side of the Site-to-Site VPN connection. https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html
upvoted 2 times
...
sairam
2 years, 7 months ago
why is Customer Gateway Device (C) not required? https://docs.aws.amazon.com/vpn/latest/s2svpn/your-cgw.html
upvoted 1 times
smithyt
2 years, 7 months ago
A Customer GW is established on the on-premises site, not on the AWS side of the connection
upvoted 1 times
JamesTR
2 years, 7 months ago
Physically it is installed on premises, but logically it is created in AWS console
upvoted 1 times
...
...
student2020
2 years, 7 months ago
CGW and CGW device are different. The device is deployed on-prem, the CGW is deployed in AWS as a logical representation of the device on-prem.
upvoted 2 times
...
cdeavila
1 year, 11 months ago
It is that we must understand two things and I think there is this confusion, one thing is the AWS Customer Gateway service and another thing is the Customer gateway device that if it refers to the hardware in the on-premise, the same article that you leave explains the two things "For the steps to set up a VPN connection, see Getting started. During this process, you create a customer gateway resource in AWS, which provides information to AWS about your device, for example, its public-facing IP address."
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted