exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 757 discussion

A company is running a workload that consists of thousands of Amazon EC2 instances. The workload is running in a VPC that contains several public subnets and private subnets. The public subnets have a route for 0.0.0.0/0 to an existing internet gateway. The private subnets have a route for 0.0.0.0/0 to an existing NAT gateway.
A solutions architect needs to migrate the entire fleet of EC2 instances to use IPv6. The EC2 instances that are in private subnets must not be accessible from the public internet.
What should the solutions architect do to meet these requirements?

  • A. Update the existing VPC, and associate a custom IPv6 CIDR block with the VPC and all subnets. Update all the VPC route tables, and add a route for ::/0 to the internet gateway.
  • B. Update the existing VPC, and associate an Amazon-provided IPv6 CIDR block with the VPC and all subnets. Update the VPC route tables for all private subnets, and add a route for ::/0 to the NAT gateway.
  • C. Update the existing VPC, and associate an Amazon-provided IPv6 CIDR block with the VPC and all subnets. Create an egress-only internet gateway. Update the VPC route tables for all private subnets, and add a route for ::/0 to the egress-only internet gateway.
  • D. Update the existing VPC, and associate a custom IPv6 CIDR block with the VPC and all subnets. Create a new NAT gateway, and enable IPv6 support. Update the VPC route tables for all private subnets, and add a route for ::/0 to the IPv6-enabled NAT gateway.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Jupi
Highly Voted 3 years, 1 month ago
A - Incorrect - It will allow instances to be accessed from internet B - Incorrect - NAT gateways are not supported for IPv6 traffic—use an outbound-only (egress-only) internet gateway instead. C- Correct. https://docs.aws.amazon.com/vpc/latest/userguide/vpc-migrate-ipv6.html#vpc-migrate-ipv6-cidr D: Incorrect - NAT gateways are not supported for IPv6 traffic—use an outbound-only (egress-only) internet gateway instead.
upvoted 9 times
...
TechX
Most Recent 2 years, 5 months ago
Selected Answer: C
C, easy one
upvoted 1 times
...
jj22222
2 years, 8 months ago
Selected Answer: C
C looks right
upvoted 1 times
...
shotty1
2 years, 10 months ago
Selected Answer: C
it is C
upvoted 1 times
...
AzureDP900
2 years, 12 months ago
I will go with C
upvoted 1 times
...
andylogan
3 years, 1 month ago
It's C
upvoted 1 times
...
Kopa
3 years, 1 month ago
key word egress gateway, so C is correct
upvoted 1 times
...
tgv
3 years, 1 month ago
CCC ---
upvoted 3 times
...
Cotter
3 years, 1 month ago
Yes C. > https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html.
upvoted 1 times
...
denccc
3 years, 2 months ago
Also go for C
upvoted 1 times
...
pablobairat
3 years, 2 months ago
C Sources: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-migrate-ipv6.html https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html
upvoted 2 times
...
pkboy78
3 years, 2 months ago
It should be C
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago