Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon SCS-C02 Exam - Topic 2 Question 41 Discussion

Actual exam question for Amazon's SCS-C02 exam
Question #: 41
Topic #: 2
[All SCS-C02 Questions]

A company has created a set of AWS Lambda functions to automate incident response steps for incidents that occur on Amazon EC2 instances. The Lambda functions need to collect relevant artifacts, such as instance ID and security group configuration. The Lambda functions must then write a summary to an Amazon S3 bucket.

The company runs its workloads in a VPC that uses public subnets and private subnets. The public subnets use an internet gateway to access the internet. The private subnets use a NAT gateway to access the internet.

All network traffic to Amazon S3 that is related to the incident response process must use the AWS network. This traffic must not travel across the internet.

Which solution will meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Cherry at Feb 12, 2025, 08:41 AM

Limited Time Offer

25%

Off

Get Premium SCS-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Nadine
4 months ago
D is a bit overcomplicated for this scenario, right?
upvoted 0 times
...
Jolene
4 months ago
C seems unnecessary, just use the endpoint in B.
upvoted 0 times
...
Kristofer
4 months ago
Wait, can you really deploy Lambda and S3 in the same private subnet? Sounds off.
upvoted 0 times
...
Justine
5 months ago
I agree, B makes the most sense for avoiding the internet.
upvoted 0 times
...
Nu
5 months ago
Option B is the best choice! S3 gateway endpoint keeps traffic within AWS.
upvoted 0 times
...
Ressie
5 months ago
I’m leaning towards option A, but I remember something about S3 endpoints being more efficient than going through a NAT gateway.
upvoted 0 times
...
Thurman
5 months ago
I practiced a similar question, and I feel like deploying Lambda in a private subnet is key, but I can't recall if NAT gateway is the right choice for S3 access.
upvoted 0 times
...
Jonelle
5 months ago
I think option B sounds right because it mentions creating an S3 gateway endpoint, which should help with the traffic requirement.
upvoted 0 times
...
Rosendo
5 months ago
I remember that using a VPC endpoint for S3 is important to keep traffic within the AWS network, but I'm not sure which option that applies to.
upvoted 0 times
...
Antione
5 months ago
I'm not sure about the SQS queue option. It seems like an unnecessary extra step when we can just use the S3 gateway endpoint. I'll double-check the requirements, but I'm leaning towards option B.
upvoted 0 times
...
Jesusa
5 months ago
Okay, I think I've got this. The key is to use an S3 gateway endpoint to ensure the traffic stays within the AWS network. I'll select that option and move on to the next question.
upvoted 0 times
...
Lorrine
5 months ago
Hmm, I'm a bit confused about the difference between the public and private subnets and how that impacts the Lambda functions. I'll need to carefully read through the details to figure out the best way to route the traffic.
upvoted 0 times
...
Tijuana
6 months ago
This seems like a straightforward VPC networking question. I'll focus on understanding the requirements around the network traffic and how to route it through the AWS network.
upvoted 0 times
...
Valentin
1 year ago
Haha, I bet the person who wrote option D was like, 'Let's make this as complex as possible!' Sorry, but I'm going with the simpler solution of option B.
upvoted 0 times
...
Ronald
1 year ago
Wow, option C is really clever! Deploying the S3 bucket and Lambda functions in the same private subnet is a great way to keep the traffic internal. But is that allowed?
upvoted 0 times
Corinne
1 year ago
B: Yeah, it's a clever way to ensure the traffic stays internal and doesn't go over the internet.
upvoted 0 times
...
Rosamond
1 year ago
A: Option C is a good choice. Keeping everything in the same private subnet is a smart move.
upvoted 0 times
...
...
Anika
1 year ago
Hmm, that's a good point. Option B does ensure that the traffic to S3 stays within the AWS network.
upvoted 0 times
...
Kimberely
1 year ago
I'm a bit skeptical about option D. Adding an SQS queue seems like an unnecessary complication when we can just use the S3 gateway endpoint.
upvoted 0 times
Kirk
1 year ago
I agree, option D does seem like it adds unnecessary complexity. Option B is simpler and meets the requirements.
upvoted 0 times
...
Pearly
1 year ago
Option B seems like the best choice. Using an S3 gateway endpoint will ensure the traffic stays within the AWS network.
upvoted 0 times
...
...
Graham
1 year ago
I disagree, I believe option B is the correct choice as it creates an S3 gateway endpoint for accessing the S3 service.
upvoted 0 times
...
Anika
1 year ago
I think option A is the best solution because it uses the NAT gateway to access the S3 service.
upvoted 0 times
...
Rodolfo
1 year ago
Option B is the way to go! Using an S3 gateway endpoint ensures the traffic stays within the AWS network, just like the requirements stated.
upvoted 0 times
Dorian
12 months ago
Definitely. Option B seems like the most secure and efficient solution for this scenario.
upvoted 0 times
...
Cammy
12 months ago
I agree. It's crucial to follow best practices when setting up Lambda functions for incident response.
upvoted 0 times
...
Louisa
12 months ago
That makes sense. It's important to keep the traffic within the AWS network for security reasons.
upvoted 0 times
...
Melissa
1 year ago
Option B is the way to go! Using an S3 gateway endpoint ensures the traffic stays within the AWS network, just like the requirements stated.
upvoted 0 times
...
Beckie
1 year ago
That makes sense. It's important to keep the traffic within the AWS network for security reasons.
upvoted 0 times
...
Billye
1 year ago
Option B is the way to go! Using an S3 gateway endpoint ensures the traffic stays within the AWS network, just like the requirements stated.
upvoted 0 times
...
...

Save Cancel