ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 204 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional
Question #: 204
Topic #: 1
[All AWS Certified Solutions Architect - Professional Questions]

An organization has created multiple components of a single application for compartmentalization. Currently all the components are hosted on a single EC2 instance. Due to security reasons the organization wants to implement two separate SSLs for the separate modules although it is already using VPC.
How can the organization achieve this with a single instance?

  • A. You have to launch two instances each in a separate subnet and allow VPC peering for a single IP.
  • B. Create a VPC instance which will have multiple network interfaces with multiple elastic IP addresses.
  • C. Create a VPC instance which will have both the ACL and the security group attached to it and have separate rules for each IP address.
  • D. Create a VPC instance which will have multiple subnets attached to it and each will have a separate IP address.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. It enables the user to launch AWS resources into a virtual network that the user has defined. With VPC the user can specify multiple private IP addresses for his instances.
The number of network interfaces and private IP addresses that a user can specify for an instance depends on the instance type. With each network interface the organization can assign an EIP. This scenario helps when the user wants to host multiple websites on a single EC2 instance by using multiple SSL certificates on a single server and associating each certificate with a specific EIP address. It also helps in scenarios for operating network appliances, such as firewalls or load balancers that have multiple private IP addresses for each network interface.
Reference:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/MultipleIP.html
by cirno at Jan. 28, 2021, 4:08 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
amministrazione
8 months, 3 weeks ago
B. Create a VPC instance which will have multiple network interfaces with multiple elastic IP addresses.
upvoted 1 times
...
astalavista1
2 years, 7 months ago
Selected Answer: B
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/MultipleIP.html
upvoted 2 times
...
Sonujunko
3 years, 1 month ago
Looks like question meant EC2 instead on VPC in the options.
upvoted 2 times
...
cldy
3 years, 5 months ago
B. Create a VPC instance which will have multiple network interfaces with multiple elastic IP addresses.
upvoted 2 times
...
robertomartinez
3 years, 6 months ago
question makes no sense at all, let's just skip this very old question...
upvoted 2 times
...
01037
3 years, 7 months ago
Not quite understand the question. SSL is bound to domain, so I could have multiple domains pointing to same IP, then I can have separate SSL, as long as the modules work with domain
upvoted 1 times
...
cirno
3 years, 7 months ago
This question seems old. Now, SSL terminate on ELB using CNAME.
upvoted 2 times
01037
3 years, 7 months ago
Nothing mentioned about ELB in the question
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago