Examice

Exam 2v0-3322 All QuestionsBrowse all questions from this exam

Question 36

A cloud administrator is asked to validate a proposed internetworking design that will provide connectivity to a VMware Cloud on AWS environment from multiple company locations.

The following requirements must be met:

Connectivity to the VMware Cloud on AWS environment must support high-throughput data transfer.

Connectivity to the VMware Cloud on AWS environment must NOT have a single point of failure.

Any network traffic between on-premises company locations must be sent over a private IP address space.

Which design decisions should be made to meet these network connectivity requirements?

Configure a Direct Connect from headquarters to VMware Cloud on AWS.

Use a private VIF for this connection.

Configure a secondary, standby Direct Connect from headquarters using a public VIF.

Configure dual, redundant, policy-based IPsec VPN connections from each regional office to VMware Cloud on AWS.

Configure a Direct Connect from headquarters to VMware Cloud on AWS.

Use a public VIF for this connection.

Configure a route-based IPsec VPN tunnel as a secondary method of connectivity from headquarters to VMware Cloud on AWS.

Configure dual, redundant, route-based IPsec VPN connections from each regional office to VMware Cloud on AWS.

Configure a Direct Connect from headquarters to VMware Cloud on AWS.

Use a private VIF for this connection.

Configure a route-based IPsec VPN tunnel as a secondary method of connectivity from headquarters to VMware Cloud on AWS, taking care to enable the “Use VPN as Backup to Direct Connect” option.

Configure dual, redundant, route-based IPsec VPN connections from each regional office to VMware Cloud on AWS.

Configure a Direct Connect from headquarters to VMware Cloud on AWS.

Use a private VIF for this connection.

Configure a policy-based IPsec VPN tunnel as a secondary method of connectivity from headquarters to VMware Cloud on AWS, taking care to enable the “Use VPN as Backup to Direct Connect” option.

Configure dual, redundant, policy-based IPsec VPN connections from each regional office to VMware Cloud on AWS.

Correct Answer: C

To meet the requirements of high-throughput data transfer and avoiding a single point of failure, while ensuring that any network traffic between on-premises company locations is sent over a private IP address space, the best design decision would involve using both Direct Connect and VPN connections. Configuring a Direct Connect from headquarters to VMware Cloud on AWS with a private VIF ensures high-throughput data transfer. Adding a route-based IPsec VPN tunnel as a secondary method of connectivity from headquarters provides redundancy and avoids a single point of failure, especially when the 'Use VPN as Backup to Direct Connect' option is enabled. Configuring dual, redundant, route-based IPsec VPN connections from each regional office further ensures that any traffic between on-premises locations is routed securely and privately through the IPsec VPN.

Discussion

IAZZUSOption: C

Configure a Direct Connect from headquarters to VMware Cloud on AWS. Use a private VIF for this connection. Configure a route-based IPsec VPN tunnel as a secondary method of connectivity from headquarters to VMware Cloud on AWS, taking care to enable the “Use VPN as Backup to Direct Connect” option. Configure dual, redundant, route-based IPsec VPN connections from each regional office to VMware Cloud on AWS.

VirtualSteveOOption: C

C is the most appropriate answer

dperlegkasOption: C

i think is C

uchikenOption: C

My answer is C. -------------------------------- A route-based VPN creates an IPsec tunnel interface and routes traffic through it as dictated by the SDDC routing table. A route-based VPN provides resilient, secure access to multiple subnets. When you use a route-based VPN, new routes are added automatically when new networks are created. https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws-networking-security/GUID-5AF45CE6-FA53-45C0-83E5-25F8E3A055E9.html

ryanzouOption: C

C is correct.