Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon ANS-C01 Exam - Topic 3 Question 58 Discussion

Actual exam question for Amazon's ANS-C01 exam
Question #: 58
Topic #: 3
[All ANS-C01 Questions]

A banking company is successfully operating its public mobile banking stack on AWS. The mobile banking stack is deployed in a VPC that includes private subnets and public subnets. The company is using IPv4 networking and has not deployed or supported IPv6 in the environment. The company has decided to adopt a third-party service provider's API and must integrate the API with the existing environment. The service provider's API requires the use of IPv6.

A network engineer must turn on IPv6 connectivity for the existing workload that is deployed in a private subnet. The company does not want to permit IPv6 traffic from the public internet and mandates that the company's servers must initiate all IPv6 connectivity. The network engineer turns on IPv6 in the VPC and in the private subnets.

Which solution will meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Arleen at Nov 23, 2025, 11:14 PM

Limited Time Offer

25%

Off

Get Premium ANS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Celestina
10 days ago
I’m leaning towards C as well. It meets all the conditions perfectly.
upvoted 0 times
...
Crista
15 days ago
I feel like D is overkill. Just denying all inbound seems extreme.
upvoted 0 times
...
Lindsey
20 days ago
A could allow some unwanted traffic. C is safer for security.
upvoted 0 times
...
Tesha
25 days ago
But what about option A? The NAT gateway could work too, right?
upvoted 0 times
...
Kayleigh
1 month ago
I agree, C makes sense. Egress-only gateway fits the requirement.
upvoted 0 times
...
Merlyn
1 month ago
NAT gateways are great for IPv4, but how does that work with IPv6?
upvoted 0 times
...
Benton
2 months ago
Wait, can you really block all inbound traffic and still use IPv6?
upvoted 0 times
...
Gerry
2 months ago
Just a heads up, egress-only gateways are specifically for IPv6!
upvoted 0 times
...
Shizue
2 months ago
I disagree, I think option D is more secure with that security group.
upvoted 0 times
...
Leeann
2 months ago
Haha, I bet the service provider is like "Hey, you gotta use IPv6 now!" Gotta keep up with the times, I guess.
upvoted 0 times
...
Coleen
2 months ago
C) Yep, the egress-only internet gateway is the way to go. Keeps things simple and secure.
upvoted 0 times
...
Janae
3 months ago
D) Denying all inbound traffic to the egress-only internet gateway is a nice touch to ensure no IPv6 traffic from the public internet.
upvoted 0 times
...
Rosita
3 months ago
C) Seems like the most straightforward solution to me. An egress-only internet gateway should do the trick.
upvoted 0 times
...
Kirk
3 months ago
I practiced a similar question where we had to restrict public internet access for IPv6. I feel like the NAT gateway options might not be the best fit here.
upvoted 0 times
...
Kelvin
3 months ago
I think option C sounds familiar because it allows outbound IPv6 traffic while blocking inbound, which aligns with the company's requirement.
upvoted 0 times
...
Melynda
3 months ago
I think I've got it! The egress-only internet gateway is the way to go here. It allows outbound IPv6 traffic from the private subnets, but blocks inbound IPv6 traffic from the public internet, which is exactly what the company wants. I'm feeling good about option C.
upvoted 0 times
...
Janna
4 months ago
I'm a bit confused about the difference between a regular internet gateway and an egress-only internet gateway. I'll need to make sure I understand that before I can confidently choose the right solution.
upvoted 0 times
...
Pearly
4 months ago
Okay, let me see. I'm leaning towards option C - creating an egress-only internet gateway and routing the IPv6 traffic through that. That way, the servers can initiate the IPv6 connections, but inbound IPv6 traffic from the public internet will be blocked.
upvoted 0 times
...
Lang
4 months ago
Option C seems like the best fit for egress-only traffic.
upvoted 0 times
...
Sharee
4 months ago
This question is tricky! I think option C might be the best.
upvoted 0 times
...
Elbert
4 months ago
I remember we discussed how egress-only internet gateways are specifically designed for IPv6 traffic, but I'm not entirely sure how they differ from regular internet gateways.
upvoted 0 times
...
Phillip
5 months ago
I’m a bit confused about whether the security group in option D would actually prevent all inbound traffic effectively. I need to double-check that concept.
upvoted 0 times
...
Annamae
5 months ago
A) Creating a NAT gateway is a good idea, but I'm not sure if it's necessary for this specific use case.
upvoted 0 times
...
Mollie
5 months ago
Hmm, the key here is that the company wants to enable IPv6 connectivity for their existing workload, but they don't want to allow IPv6 traffic from the public internet. I think I'll need to focus on the different gateway options.
upvoted 0 times
...
Ailene
5 months ago
This seems like a tricky one! I'll need to carefully read through the requirements and think through the different options.
upvoted 0 times
Juliana
4 days ago
This is definitely a tricky situation!
upvoted 0 times
...
...

Save Cancel