New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon SAP-C02 Exam - Topic 6 Question 25 Discussion

Actual exam question for Amazon's SAP-C02 exam
Question #: 25
Topic #: 6
[All SAP-C02 Questions]

A company has many services running in its on-premises data center. The data center is connected to AWS using AWS Direct Connect (DX)and an IPsec VPN. The service data is sensitive and connectivity cannot traverse the interne. The company wants to expand to a new market segment and begin offering Is services to other companies that are using AWS.

Which solution will meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: B

To offer services to other companies using AWS without traversing the internet, creating a VPC Endpoint Service hosted behind an Application Load Balancer (ALB) and making it available over AWS Direct Connect (DX) is the most suitable solution. This approach ensures that the service traffic remains within the AWS network, adhering to the requirement that connectivity must not traverse the internet. An ALB is capable of handling HTTP/HTTPS traffic, making it appropriate for web-based services. Utilizing DX for connectivity between the on-premises data center and AWS further secures and optimizes the network path.


AWS Direct Connect Documentation: Explains how to set up DX for private connectivity between AWS and an on-premises network.

Amazon VPC Endpoint Services (AWS PrivateLink) Documentation: Provides details on creating and configuring endpoint services for private, secure access to services hosted in AWS.

AWS Application Load Balancer Documentation: Offers guidance on configuring ALBs to distribute HTTP/HTTPS traffic efficiently.

by Brett at Mar 08, 2024, 03:50 AM

Limited Time Offer

25%

Off

Get Premium SAP-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Linsey
3 months ago
Wait, can we really use DX for VPC Endpoint Services? Sounds too good to be true!
upvoted 0 times
...
Germaine
3 months ago
D just adds complexity, not sure it's the right choice here.
upvoted 0 times
...
Carin
3 months ago
C is a no-go, can't use an internet gateway for sensitive data!
upvoted 0 times
...
Catina
4 months ago
I think B is better since it supports HTTP/HTTPS.
upvoted 0 times
...
Susana
4 months ago
Option A seems solid for TCP traffic over DX.
upvoted 0 times
...
Isidra
4 months ago
I feel like option B could work too, but I’m uncertain if HTTP/HTTPS is secure enough for sensitive data.
upvoted 0 times
...
Shawna
4 months ago
I practiced a similar question where an internet gateway was involved, but I don't think that's the right approach here since they can't use the internet.
upvoted 0 times
...
Maryann
4 months ago
I think option A makes sense since it mentions TCP traffic, which could be more suitable for various services.
upvoted 0 times
...
Leota
5 months ago
I remember studying VPC Endpoint Services, but I'm not sure if TCP or HTTP/HTTPS is better for this scenario.
upvoted 0 times
...
Sharan
5 months ago
I'm leaning towards option B. Using an Application Load Balancer might give us a bit more flexibility in terms of the protocol and could be a cleaner solution.
upvoted 0 times
...
Jacinta
5 months ago
Option A seems like the most straightforward solution to me. Hosting the service behind a Network Load Balancer and exposing it over Direct Connect should meet the requirements.
upvoted 0 times
...
Elenore
5 months ago
I'm a bit confused by the different VPC endpoint options. I'll need to review the differences between the Network Load Balancer and Application Load Balancer approaches.
upvoted 0 times
...
Justine
5 months ago
This looks like a tricky one. I'll need to carefully read through the requirements to make sure I understand the constraints around sensitive data and connectivity.
upvoted 0 times
...
Jacquelyne
5 months ago
Hmm, the key seems to be finding a way to expose the services to other AWS customers without using the public internet. I'm thinking option A or B might be the way to go.
upvoted 0 times
...
Gertude
5 months ago
Alright, time to put my database knowledge to the test. I've got a good feeling about this one - I think I know the right approach to solve this.
upvoted 0 times
...
Truman
5 months ago
I'm a bit confused on the difference between the "Triggered" and "Scheduled" options. Do we need two separate automations or can we do this all in one?
upvoted 0 times
...
Winfred
5 months ago
Wait, what's Dynamic Media? I'm not totally clear on what that does in this context.
upvoted 0 times
...
Gracie
5 months ago
Hmm, I'm a bit unsure about this one. Link encryption can be tricky, and I want to make sure I understand the differences between the options before selecting an answer.
upvoted 0 times
...
Fausto
5 months ago
Hmm, the question mentions the analysts are converting raw data into useful information, which sounds like they're in the processing and exploitation phase. But I'm not 100% sure, so I'll have to think it through carefully.
upvoted 0 times
...
Ryann
2 years ago
That makes sense. Thank you for explaining.
upvoted 0 times
...
Latrice
2 years ago
By creating a VPC Endpoint Service that accepts TCP traffic and hosting it behind a Network Load Balancer, we can make the service available over DX, meeting the requirements.
upvoted 0 times
...
Latrice
2 years ago
I disagree. I believe the correct answer is A.
upvoted 0 times
...
Lisbeth
2 years ago
Because hosting the service behind an Application Load Balancer will allow us to accept HTTP or HTTPS traffic.
upvoted 0 times
...
Ryann
2 years ago
Why do you think so?
upvoted 0 times
...
Lisbeth
2 years ago
I think the answer is B.
upvoted 0 times
...
Micaela
2 years ago
I personally prefer option D. Using a NAT gateway for inbound and outbound traffic control seems more reliable.
upvoted 0 times
...
Emelda
2 years ago
I disagree, option B might be better. Hosting the service behind an Application Load Balancer makes it more flexible.
upvoted 0 times
...
Valentin
2 years ago
I think the best solution is A. Using a VPC Endpoint Service behind a Network Load Balancer seems secure.
upvoted 0 times
...
Keneth
2 years ago
Okay, let's think this through. Option A sounds like it could work, since a Network Load Balancer can provide private access over Direct Connect. But I'm not sure if TCP is the best protocol for this use case, maybe HTTPS would be better?
upvoted 0 times
...
Ernie
2 years ago
Haha, imagine if they just said 'Make it work over the internet, who cares about the sensitive data!' That would be a disaster waiting to happen.
upvoted 0 times
...
Narcisa
2 years ago
Yeah, I agree. Options C and D don't really meet the requirements since they involve using the internet. But I'm not sure if a VPC Endpoint Service is the right solution either, since that's usually used for private access to AWS services, not for exposing your own services.
upvoted 0 times
Ma
2 years ago
Agreed. Option A provides a secure way to offer our services to other companies while maintaining the sensitivity of the data.
upvoted 0 times
...
Malinda
2 years ago
I think we should go with Option A for secure connectivity to the new market segment.
upvoted 0 times
...
Robt
2 years ago
Option A with a VPC Endpoint Service behind a Network Load Balancer sounds like a secure solution for expanding the services.
upvoted 0 times
...
Cristy
2 years ago
Yeah, I agree. We definitely need to avoid using the internet for connectivity.
upvoted 0 times
...
Lawrence
2 years ago
I see your point. Option B involves using HTTP or HTTPS traffic, which might not be the best for sensitive service data.
upvoted 0 times
...
Ilene
2 years ago
Option A seems like the best choice in this scenario. We need to keep the service traffic secure and not accessible over the internet.
upvoted 0 times
...
...
Rima
2 years ago
Hmm, this is a tricky one. The key requirements here are that the data is sensitive and the connectivity cannot go through the internet, so I'm leaning towards options A or B.
upvoted 0 times
...

Save Cancel