ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty All Questions

View all questions & answers for the AWS Certified Security - Specialty exam
Go to Exam

Exam AWS Certified Security - Specialty topic 1 question 316 discussion

Exam question from Amazon's AWS Certified Security - Specialty
Question #: 316
Topic #: 1
[All AWS Certified Security - Specialty Questions]

A software-as-a-service (SaaS) company hosts an application on AWS in a VPC. External customers will use the application on their own Amazon EC2 instances.
To access the application, the customers need to install a client application on an EC2 instance in a VPC in their AWS accounts.
A security engineer is designing a solution to allow communication between the client software and the SaaS application. The solution must maximize scalability and security.
Which combination of actions will meet these requirements? (Choose two.)

  • A. Create a Network Load Balancer (NLB) in the VPC in the SaaS company account. Use the NLB for TLS termination and load balancing. Use EC2 instances as targets for the NLB.
  • B. Create a Network Load Balancer (NLB) in the VPCs in the customer accounts. Use the NLB for TLS termination and load balancing. Use EC2 instances as targets for the NLB.
  • C. Create an AWS PrivateLink endpoint service in the VPCs in the customer accounts. Create a PrivateLink interface endpoint in the VPC in the SaaS company account.
  • D. Create an AWS PrivateLink endpoint service in the VPC in the SaaS company account. Create a PrivateLink interface endpoint in the VPCs in the customer accounts.
  • E. Create a VPC peering connection between the VPC in the SaaS company account and the VPCs in the customer accounts. Create the required routes for a VPC peering connection.
Show Suggested Answer Hide Answer
Suggested Answer: AD 🗳️
by DaKam at Jan. 4, 2022, 6:22 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
argol
Highly Voted 3 years, 5 months ago
Interface VPC endpoints, powered by AWS PrivateLink, connect you to services hosted by AWS Partners and supported solutions available in AWS Marketplace. By powering Gateway Load Balancer endpoints, AWS PrivateLink brings the same level of security and performance to your virtual network appliances or custom traffic inspection logic. "A" and "D"
upvoted 14 times
...
DaKam
Highly Voted 3 years, 6 months ago
Refer to https://docs.aws.amazon.com/vpc/latest/privatelink/endpoint-service-overview.html Solution: A & D As maximize scalability and security
upvoted 5 times
Radhaghosh
3 years, 5 months ago
Read this line from the link you posted "In the following diagram, the account owner of VPC B is a service provider, and has a service running on instances in subnet B. The owner of VPC B has a service endpoint (vpce-svc-1234) with an associated Network Load Balancer that points to the instances in subnet B as targets. Instances in subnet A of VPC A use an interface endpoint to access the services in subnet B."
upvoted 3 times
...
...
Raphaello
Most Recent 1 year, 4 months ago
Selected Answer: AD
AD the correct description to create VPC Endpoint Service through NLB. https://docs.aws.amazon.com/whitepapers/latest/aws-privatelink/creating-highly-available-endpoint-services.html
upvoted 1 times
...
Nuha_23
1 year, 10 months ago
Selected Answer: AD
https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-access-saas.html
upvoted 1 times
...
Toptip
2 years ago
Selected Answer: AD
AD 100%... got similar question in SAP-C02 exam
upvoted 1 times
...
Cyp
2 years, 3 months ago
Selected Answer: AD
Ans AD, for those who have choosen AC please be aware of the difference between Endpoint and endpoint service.
upvoted 2 times
...
Smartphone
2 years, 4 months ago
Answer is A&D https://docs.aws.amazon.com/prescriptive-guidance/latest/integrate-third-party-services/architecture-1.html
upvoted 2 times
...
sakibmas
2 years, 5 months ago
Selected Answer: AD
Using AWS PrivateLink, you can access SaaS products privately, as if they were running in your own VPC.
upvoted 1 times
...
awsec2
2 years, 6 months ago
cd Create an AWS PrivateLink endpoint service in the VPC in the SaaS company account. Create a PrivateLink interface endpoint in the VPCs in the customer accounts.
upvoted 1 times
...
D2
2 years, 7 months ago
Selected Answer: AC
Ans A, C https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-access-saas.html
upvoted 1 times
D2
2 years, 7 months ago
I meant A, D
upvoted 2 times
...
...
Balki
2 years, 7 months ago
Selected Answer: AD
Answer is obviously A&D https://docs.aws.amazon.com/vpc/latest/privatelink/create-endpoint-service.html
upvoted 1 times
Balki
2 years, 6 months ago
AWS principals, such as AWS accounts, IAM users, and IAM roles can connect to your endpoint service privately by creating an interface VPC endpoint. Service providers must do the following to make their services available to service consumers.
upvoted 1 times
...
...
Fyssy
2 years, 7 months ago
Selected Answer: AD
sorry AD. NLB and VPC interface service in the provider and VPC interface endpoint in the consumer https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-share-your-services.html
upvoted 1 times
...
Fyssy
2 years, 7 months ago
Selected Answer: AC
https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-share-your-services.html
upvoted 1 times
...
sapien45
2 years, 10 months ago
Selected Answer: AD
none of the proposed responses correspond to the diagam here : https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-share-your-services.html In the diagram, target EC2 instances and load balancers are in the same service provider account. While in the questions, Load balancer communicate through AWS PrivateLink with its target EC2 instances. Weird.
upvoted 1 times
...
dcasabona
2 years, 11 months ago
Selected Answer: AD
Option A and D for me.
upvoted 1 times
...
zdd
2 years, 11 months ago
Answer: A D https://docs.aws.amazon.com/vpc/latest/privatelink/images/privatelink-concepts.png
upvoted 1 times
...
zdd
2 years, 11 months ago
Answer: D E
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel