ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam ANS-C00 All Questions

View all questions & answers for the ANS-C00 exam
Go to Exam

Exam ANS-C00 topic 1 question 99 discussion

Exam question from Amazon's ANS-C00
Question #: 99
Topic #: 1
[All ANS-C00 Questions]

An organization has created a web application inside a VPC and wants to make it available to 200 client VPCs. The client VPCs are in the same Region but are owned by other business units within the organization.
What is the best way to meet this requirement, without making the application publicly available?

  • A. Configure the application as an AWS PrivateLink-powered service, and have the client VPCs connect to the endpoint service by using an interface VPC endpoint.
  • B. Enable VPC peering between the web application VPC and all client VPCs.
  • C. Deploy the web application behind an internet-facing Application Load Balancer and control which clients have access by using security groups.
  • D. Deploy the web application behind an internal Application Load Balancer and control which clients have access by using security groups.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by ITstudy at May 8, 2020, 9:07 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ITstudy
Highly Voted 3 years, 8 months ago
Answer - A. private-link provides scalability to provide private connection
upvoted 19 times
...
Joe321
Highly Voted 3 years, 7 months ago
Answer is A. Connect your VPCs to services in AWS in a secure and scalable manner with AWS PrivateLink. Network traffic that uses AWS PrivateLink doesn't traverse the public internet, reducing the exposure to threats. There is no need to configure an Internet gateway, VPC peering connection, or manage VPC Classless Inter-Domain Routing (CIDRs). Reference link: https://aws.amazon.com/privatelink
upvoted 7 times
...
R87
Most Recent 2 years, 11 months ago
Selected Answer: A
with C, you are making it publicly available as ALB is internet facing!
upvoted 1 times
...
sapien45
3 years, 2 months ago
How to use security groups restriction if thoses SG belong to different AWS accounts ? Answer is C : https://docs.aws.amazon.com/vpc/latest/privatelink/endpoint-service-overview.html You can configure an Application Load Balancer as a target of the Network Load Balancer, and then the Application Load Balancer can route the requests to your service. Service consumers can use the endpoint-specific DNS hostnames to access the endpoint service, or the private DNS name. An endpoint service is only available in the Region where you created it.
upvoted 2 times
sapien45
3 years, 2 months ago
Answer is A
upvoted 1 times
...
...
mark_232323
3 years, 3 months ago
A is wrong as you need NLB for Private link and the question indicates ( web application ), the only answer is C
upvoted 1 times
...
TerrenceC
3 years, 7 months ago
Option #B is able to be a candidate if the total quantity of target VPC is less than 125. Please refer to the section "VPC peering connections" via the link below; https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html
upvoted 2 times
...
guruguru
3 years, 7 months ago
A. Private link
upvoted 5 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel