ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C02 topic 1 question 288 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C02
Question #: 288
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C02 Questions]

A business application is hosted on Amazon EC2 and uses Amazon S3 for encrypted object storage. The chief information security officer has directed that no application traffic between the two services should traverse the public internet.
Which capability should the solutions architect use to meet the compliance requirements?

  • A. AWS Key Management Service (AWS KMS)
  • B. VPC endpoint
  • C. Private subnet
  • D. Virtual private gateway
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by toto059 at Feb. 2, 2021, 12:45 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
toto059
Highly Voted 3 years, 7 months ago
B is correct
upvoted 36 times
...
CCNPWILL
Highly Voted 3 years, 7 months ago
NOT traversing the www = ENDPOINTS
upvoted 15 times
Yogi
3 years, 7 months ago
S3 & DynamoDb are the only ones that permit VP endpoints https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/vpc-endpoints-dynamodb.html
upvoted 3 times
sarah_t
3 years, 7 months ago
almost: the only ones that permit gateway endpoints (which are free). you can have interface endpoints for other services too (they're not free though).
upvoted 1 times
...
...
...
PRASAD180
Most Recent 2 years, 1 month ago
B is 100% crt
upvoted 1 times
...
gp3k
2 years, 9 months ago
Why not C (Private subnet)? The question doesn't say it's a web app, it's simply a "business app" that's hosted on EC2. The EC2 and S3 instances can communicate with each other just fine if they're both on the same private subnet, which satisfies the question requirements.
upvoted 2 times
...
karthisena
3 years, 6 months ago
Endpoints allow you to connect to AWS Services using a private network instead of the public www network
upvoted 4 times
...
Ivan_KI
3 years, 6 months ago
Why the suggested answer is A, as all pointing Bas correct one (me also) ?!
upvoted 1 times
...
jkwek
3 years, 6 months ago
B is answer. https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints.html
upvoted 4 times
...
KK_uniq
3 years, 6 months ago
B is ok
upvoted 3 times
...
ansh18061986
3 years, 6 months ago
Correct answer is B
upvoted 3 times
...
stefanc
3 years, 7 months ago
https://tomgregory.com/when-to-use-an-aws-s3-vpc-endpoint/ Ans: B
upvoted 3 times
...
aesr10
3 years, 7 months ago
What does kms has to see with traffic traversing over internet...? ANS IS B
upvoted 1 times
...
leliodesouza
3 years, 7 months ago
The correct answer is B.
upvoted 3 times
...
Tun_AWS
3 years, 7 months ago
B for me
upvoted 4 times
...
syu31svc
3 years, 7 months ago
101% is B
upvoted 4 times
...
Yogi
3 years, 7 months ago
Ans=B. https://aws.amazon.com/vpc/faqs/
upvoted 4 times
...
dave0808
3 years, 7 months ago
B all the way
upvoted 5 times
...
AK003
3 years, 7 months ago
BBBBBB
upvoted 7 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago