New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon SAA-C03 Exam - Topic 3 Question 35 Discussion

Actual exam question for Amazon's SAA-C03 exam
Question #: 35
Topic #: 3
[All SAA-C03 Questions]

A company wants to use NAT gateways in its AWS environment. The company's Amazon EC2 instances in private subnets must be able to connect to the public internet through the NAT gateways.

Which solution will meet these requirements'?

Show Suggested Answer Hide Answer
Suggested Answer: C

A public NAT gateway enables instances in a private subnet to send outbound traffic to the internet, while preventing the internet from initiating connections with the instances. A public NAT gateway requires an elastic IP address and a route to the internet gateway for the VPC. A private NAT gateway enables instances in a private subnet to connect to other VPCs or on-premises networks through a transit gateway or a virtual private gateway. A private NAT gateway does not require an elastic IP address or an internet gateway. Both private and public NAT gateways map the source private IPv4 address of the instances to the private IPv4 address of the NAT gateway, but in the case of a public NAT gateway, the internet gateway then maps the private IPv4 address of the public NAT gateway to the elastic IP address associated with the NAT gateway. When sending response traffic to the instances, whether it's a public or private NAT gateway, the NAT gateway translates the address back to the original source IP address.

Creating public NAT gateways in the same private subnets as the EC2 instances (option A) is not a valid solution, as the NAT gateways would not have a route to the internet gateway. Creating private NAT gateways in the same private subnets as the EC2 instances (option B) is also not a valid solution, as the instances would not be able to access the internet through the private NAT gateways. Creating private NAT gateways in public subnets in the same VPCs as the EC2 instances (option D) is not a valid solution either, as the internet gateway would drop the traffic from the private NAT gateways.

Therefore, the only valid solution is to create public NAT gateways in public subnets in the same VPCs as the EC2 instances (option C), as this would allow the instances to access the internet through the public NAT gateways and the internet gateway.Reference:

NAT gateways - Amazon Virtual Private Cloud

NAT gateway use cases - Amazon Virtual Private Cloud

Amazon Web Services -- Introduction to NAT Gateways

What is AWS NAT Gateway? - KnowledgeHut


by Berry at May 11, 2024, 07:31 AM

Limited Time Offer

25%

Off

Get Premium SAA-C03 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Billye
3 months ago
Wait, are we sure about this? Sounds too simple.
upvoted 0 times
...
Maia
3 months ago
Public NAT gateways in public subnets is the way to go!
upvoted 0 times
...
Mary
3 months ago
I thought NAT gateways could be private too?
upvoted 0 times
...
Paris
4 months ago
Definitely option C! Makes the most sense.
upvoted 0 times
...
Nancey
4 months ago
NAT gateways need to be in public subnets to work.
upvoted 0 times
...
Abel
4 months ago
I’m confused about the difference between public and private NAT gateways. I thought both could be used in private subnets, but now I’m not so sure.
upvoted 0 times
...
Daniel
4 months ago
This question seems similar to one we practiced where we had to set up internet access for private instances. I think it was about using public NAT gateways.
upvoted 0 times
...
Catarina
4 months ago
I'm not entirely sure, but I feel like private NAT gateways wouldn't work since they can't route traffic to the internet.
upvoted 0 times
...
Octavio
5 months ago
I remember that NAT gateways need to be in public subnets to allow private instances to access the internet, so I think option C might be correct.
upvoted 0 times
...
Eileen
5 months ago
I've got this! The solution is to create public NAT gateways in public subnets, so the private instances can route their traffic through them to the internet.
upvoted 0 times
...
Earnestine
5 months ago
Okay, let's think this through step-by-step. The instances need to access the public internet, so we need a NAT gateway. And it needs to be in the same VPC as the instances, in a public subnet.
upvoted 0 times
...
Heike
5 months ago
I'm a bit confused about the difference between public and private subnets. I'll need to review that before attempting this question.
upvoted 0 times
...
Frank
5 months ago
Hmm, this seems straightforward. I think the key is understanding the difference between public and private NAT gateways.
upvoted 0 times
...
Meaghan
5 months ago
I've got a good handle on this. I'll methodically go through the list and determine which items are directly related to student use of the proposed IT system.
upvoted 0 times
...
Micah
5 months ago
Hmm, this seems straightforward. I think the key is to identify the status that indicates the entitlement needs to be renewed.
upvoted 0 times
...
Dong
5 months ago
Hmm, I'm a little unsure about this one. I was thinking it might be Development specification, since that's about the technical requirements for developing the system. But Process specification also sounds like it could be the right answer. I'll have to think this through carefully.
upvoted 0 times
...

Save Cancel