D.AWS reserves one IP address in each subnet’s CIDR block for Route53 so you do not have enough addresses left to launch all of the new EC2 instances

E.AWS reserves the first four and the last IP address in each subnet’s CIDR block so you do not have enough addresses left to launch all of the new EC2 instances





Answer: C, E





Question: 290

You’ve been brought in as solutions architect to assist an enterprise customer with their migration of an e-commerce platform to Amazon Virtual Private Cloud (VPC). The previous architect has already deployed a 3-tier VPC. The configuration is as follows:

VPC: vpc-2f8bc447

IGW: igw-2d8bc445

NACL: acl-208bc448

Subnets and Route Tables:

Web servers: subnet-258bc44d

Application servers: subnet-248bc44c

Database servers: subnet-9189c6f9

Route Tables: rtb-218bc449, rtb-238bc44b

Associations:

subnet-258bc44d : rtb-218bc449

subnet-248bc44c : rtb-238bc44b

subnet-9189c6f9 : rtb-238bc44b

You are now ready to begin deploying EC2 instances into the VPC. Web servers must have direct access to the internet. Application and database servers cannot have direct access to the internet. Which configuration below will allow you to remotely administer your application and database servers, as well as allow these servers to retrieve updates from the Internet?

A.Create a bastion and NAT instance in subnet-258bc44d, and add a route from rtb-238bc44b to the NAT instance.

B.Add a route from rtb-238bc44b to igw-2d8bc445 and add a bastion and NAT instance within subnet-248bc44c.

C.Create a bastion and NAT instance in subnet-248bc44c, and add a route from rtb-238bc44b to subnet-258bc44d.

D.Create a bastion and NAT instance in subnet-258bc44d, add a route from rtb-238bc44b to igw-2d8bc445, and a new NACL that allows access between subnet-258bc44d and subnet-248bc44c.





Answer: A





Question: 291

You are designing Internet connectivity for your VPC. The Web servers must be available on the Internet. The application must have a highly available architecture.

Which alternatives should you consider? (Choose 2 answers)

A.Configure a NAT instance in your VPC. Create a default route via the NAT instance and associate it with all subnets. Configure a DNS A record that points to the NAT instance public IP address.

B.Configure a CloudFront distribution and configure the origin to point to the private IP addresses of your Web servers. Configure a Route53 CNAME record to your CloudFront distribution.

C.Place all your web servers behind ELB. Configure a Route53 CNAME to point to the ELB DNS name.

D.Assign EIPs to all web servers. Configure a Route53 record set with all EIPs, with health checks and DNS failover.

E.Configure ELB with an EIP. Place all your Web servers behind ELB. Configure a Route53 A record that points to the EIP.





Answer: C, D





Question: 292

You are tasked with moving a legacy application from a virtual machine running inside your datacenter to an Amazon VPC. Unfortunately, this app requires access to a number of on-premises services and no one who configured the app still works for your company. Even worse, there’s no documentation for it. What will allow the application running inside the VPC to reach back and access its internal dependencies without being reconfigured? (Choose 3 answers)

A.An AWS Direct Connect link between the VPC and the network housing the internal services.

B.An Internet Gateway to allow a VPN connection.

C.An Elastic IP address on the VPC instance

D.An IP address space that does not conflict with the one on-premises

E.Entries in Amazon Route 53 that allow the instance to resolve its dependencies’ IP addresses

F.A VM Import of the current virtual machine





Answer: A, D, F


AWS Direct Connect

AWS Direct Connect makes it easy to establish a dedicated network connection from your premises to AWS. Using AWS Direct Connect, you can establish private connectivity between AWS and your datacenter, office, or colocation environment, which in many cases can reduce your network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections.

AWS Direct Connect lets you establish a dedicated network connection between your network and one of the AWS Direct Connect locations. Using industry standard 802.1q VLANs, this dedicated connection can be partitioned into multiple virtual interfaces. This allows you to use the same connection to access public resources such as objects stored in Amazon S3 using public IP address space, and private resources such as Amazon EC2 instances running within an Amazon Virtual Private Cloud (VPC) using private IP space, while maintaining network separation between the public and private environments. Virtual interfaces can be reconfigured at any time to meet your changing needs.


