ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty All Questions

View all questions & answers for the AWS Certified Security - Specialty exam
Go to Exam

Exam AWS Certified Security - Specialty topic 1 question 363 discussion

Exam question from Amazon's AWS Certified Security - Specialty
Question #: 363
Topic #: 1
[All AWS Certified Security - Specialty Questions]

A company is migrating one of its legacy systems from an on-premises data center to AWS. The application server will run on AWS, but the database must remain in the on-premises data center for compliance reasons. The database is sensitive to network latency. Additionally, the data that travels between the on-premises data center and AWS must have IPsec encryption.

Which combination of AWS solutions will meet these requirements? (Choose two.)

  • A. AWS Site-to-Site VPN
  • B. AWS Direct Connect
  • C. AWS VPN CloudHub
  • D. VPC peering
  • E. NAT gateway
Show Suggested Answer Hide Answer
Suggested Answer: AB 🗳️
by AdamWest at Nov. 20, 2022, 10:17 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AdamWest
Highly Voted 2 years, 7 months ago
Selected Answer: AB
AB - 100% https://docs.aws.amazon.com/directconnect/latest/UserGuide/encryption-in-transit.html
upvoted 7 times
...
Isaias
Highly Voted 2 years, 7 months ago
Selected Answer: AB
a: encryption b:for latency
upvoted 6 times
...
hro
Most Recent 1 year, 3 months ago
AB - Cant be D - VPC peering there is no VPC to VPC going on.
upvoted 1 times
...
Toptip
2 years, 1 month ago
Selected Answer: AB
A+B.. S2S over DX
upvoted 1 times
...
ITGURU51
2 years, 1 month ago
AWS Direct Connect does not encrypt network traffic in transit. Therefore answers A and B provide end to end data encryption. We can use Direct connect to ensure low network latency and AWS Site to Site to encrypt data as it move across the network.
upvoted 3 times
...
sakibmas
2 years, 5 months ago
Selected Answer: AB
AWS Direct Connect does not encrypt your traffic that is in transit by default. To encrypt the data in transit that traverses AWS Direct Connect, you must use the transit encryption options for that service. Reference: https://docs.aws.amazon.com/directconnect/latest/UserGuide/encryption-in-transit.html
upvoted 4 times
...
jishrajesh
2 years, 6 months ago
AB Selected
upvoted 4 times
...
must_be_rohit
2 years, 6 months ago
Selected Answer: AC
requirement is for the data that travels between the on-premises data center and AWS must have IPsec encryption. Direct connect does not encrypt data by default... this it has to be VPN connectivity... thus A/C
upvoted 1 times
secdaddy
2 years, 6 months ago
Look at the URL provided by Adam. site to site VPN across directconnect is correct, so AB
upvoted 1 times
...
...
Subs2021
2 years, 6 months ago
Selected Answer: AB
Agreed
upvoted 2 times
...
Blueocean
2 years, 7 months ago
Agree should be A and B
upvoted 3 times
...
luisfsm_111
2 years, 7 months ago
Selected Answer: AB
Agree with AB
upvoted 3 times
...
AdamWest
2 years, 7 months ago
AB -100% https://docs.aws.amazon.com/directconnect/latest/UserGuide/encryption-in-transit.html
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel