SAP-C02 Exam QuestionsBrowse all questions from this exam
Go to Exam

SAP-C02 Exam - Question 198

A company is building a hybrid environment that includes servers in an on-premises data center and in the AWS Cloud. The company has deployed Amazon EC2 instances in three VPCs. Each VPC is in a different AWS Region. The company has established an AWS Direct. Connect connection to the data center from the Region that is closest to the data center.

The company needs the servers in the on-premises data center to have access to the EC2 instances in all three VPCs. The servers in the on-premises data center also must have access to AWS public services.

Which combination of steps will meet these requirements with the LEAST cost? (Choose two.)

Show Answer
Correct Answer: AE

To meet the requirements with the least cost, you should create a Direct Connect gateway and use VPC peering. The Direct Connect gateway allows global access and can connect multiple VPCs across different regions to your on-premises data center, reducing the need for additional Direct Connect connections. VPC peering enables you to establish connections between VPCs across regions. This combination leverages existing connections and reduces the need for extra infrastructure, meeting the requirements cost-effectively.

Discussion

11 comments
Sign in to comment
cmoreiraOptions: AD
Sep 3, 2023

There is no correct answer. NONE. A.Direct Connect gateway are global. You dont create them in a "region" B. Not needed, since you have DX-GW. C. Cant establish site-to-site VPN over private VIF. You do it over public or transit (recommended). D. Yes, should use private VIF, but for access to AWS public resources, not the other VPCs. E. VPC peering wont allow Onprem to access other VPCs via peering. Best Answer is DX-Gateway AND Public VIF (A and D). However they're both wrong. https://docs.aws.amazon.com/directconnect/latest/UserGuide/direct-connect-gateways-intro.html

Roontha
May 27, 2023

Answer : A, D https://docs.aws.amazon.com/whitepapers/latest/aws-vpc-connectivity-options/aws-direct-connect-site-to-site-vpn.html

Jesuisleon
Jun 3, 2023

Agree Roontha. For E, "Create a private VIF with the existing Direct Connect connection to connect to the peered VPCs" is wrong. private VIF can only connect to the vpc which is in the same region with direct connection, you can't extend private VIF to the VPCs in other 2 regions.

rbm2023Options: AD
May 31, 2023

agree with A and D tks to Roontha

pupsikOptions: AD
Jun 27, 2023

got to use Public VIN in order to connect to AWS Services via Direct Connect.

andreituguiOptions: AD
May 30, 2023

Answer is A,D

easytoo
Jun 21, 2023

a-d-a-d-a-d-a-d

SkyZeroZxOptions: AD
Jul 3, 2023

Answer : A, D https://docs.aws.amazon.com/whitepapers/latest/aws-vpc-connectivity-options/aws-direct-connect-site-to-site-vpn.html

NikkyDickyOptions: AD
Jul 5, 2023

its AD

career360guruOptions: AD
Nov 24, 2023

A and D

gfhbox0083Options: AD
Jul 13, 2024

A, D for sure. Must have access to AWS public services.