ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified SAP on AWS - Specialty PAS-C01 All Questions

View all questions & answers for the AWS Certified SAP on AWS - Specialty PAS-C01 exam
Go to Exam

Exam AWS Certified SAP on AWS - Specialty PAS-C01 topic 1 question 89 discussion

Exam question from Amazon's AWS Certified SAP on AWS - Specialty PAS-C01
Question #: 89
Topic #: 1
[All AWS Certified SAP on AWS - Specialty PAS-C01 Questions]

A company's SAP solutions architect is configuring a network architecture for an SAP HANA multi-node environment. The company requires isolation of the logical network zones: client, internal, and storage. The database runs on X1 (memory optimized) Amazon EC2 instances and uses Amazon Elastic Block Store (Amazon EBS) volumes for persistent storage.

Which combination of actions will provide the required isolation? (Choose three.)

  • A. Attach an AWS Network Firewall policy for each zone to the subnet for the node cluster.
  • B. Attach a secondary elastic network interface to each instance for the internal communications between nodes.
  • C. Attach a secondary elastic network interface to each instance for the storage communications.
  • D. Configure a security group with rules that allow only TCP connections within the security group on the ports that are assigned for the internal network connections. Associate the security group with the appropriate elastic network interface on each instance.
  • E. Configure a security group with rules that allow only TCP connections with the external customer network on the ports that are assigned for the client connections. Associate the security group with the appropriate elastic network interface.
  • F. Configure a security group with rules that allow Non-Volatile Memory Express (NVMe) connections within the subnet range. Associate the security group with the appropriate elastic network interface on each instance.
Show Suggested Answer Hide Answer
Suggested Answer: BCD 🗳️
by kaishin0527 at Aug. 2, 2023, 5:55 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
koki2847
1 year, 1 month ago
Selected Answer: BCD
BCD is close to the configuration discribed in https://docs.aws.amazon.com/sap/latest/sap-hana/hana-ops-networking.html#hana-ops-elastic-network-interfaces
upvoted 2 times
...
awsmonster
1 year, 3 months ago
Selected Answer: BCD
BCD seems right.
upvoted 2 times
...
aiyumiao
1 year, 5 months ago
Selected Answer: ABC
i thik
upvoted 1 times
aiyumiao
1 year, 5 months ago
I think BCD
upvoted 2 times
...
...
junrun3
1 year, 8 months ago
Selected Answer: BCD
E:It is used to limit communication with the client and is necessary in certain use cases, but is not required.
upvoted 3 times
...
kaishin0527
1 year, 9 months ago
Selected Answer: BDE
B,D,E: B. Secondary ENIs can be used to segregate traffic between nodes in a multi-node SAP HANA cluster. D. By setting up security group rules to only allow specific TCP connections, the internal network can be isolated, ensuring that only nodes within the group can communicate with each other on the designated ports. E. Similarly, by setting up security group rules to only allow specific TCP connections with the external customer network, the client network can be isolated, ensuring that only connections from the designated network can reach the SAP HANA client.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago