2v0-3322 Exam QuestionsBrowse all questions from this exam
Go to Exam

2v0-3322 Exam - Question 36

A cloud administrator is asked to validate a proposed internetworking design that will provide connectivity to a VMware Cloud on AWS environment from multiple company locations.

The following requirements must be met:

Connectivity to the VMware Cloud on AWS environment must support high-throughput data transfer.

Connectivity to the VMware Cloud on AWS environment must NOT have a single point of failure.

Any network traffic between on-premises company locations must be sent over a private IP address space.

Which design decisions should be made to meet these network connectivity requirements?

Show Answer
Correct Answer: CD

To meet the requirements of high-throughput data transfer and avoiding a single point of failure, while ensuring that any network traffic between on-premises company locations is sent over a private IP address space, the best design decision would involve using both Direct Connect and VPN connections. Configuring a Direct Connect from headquarters to VMware Cloud on AWS with a private VIF ensures high-throughput data transfer. Adding a route-based IPsec VPN tunnel as a secondary method of connectivity from headquarters provides redundancy and avoids a single point of failure, especially when the 'Use VPN as Backup to Direct Connect' option is enabled. Configuring dual, redundant, route-based IPsec VPN connections from each regional office further ensures that any traffic between on-premises locations is routed securely and privately through the IPsec VPN.

Discussion

5 comments
Sign in to comment
ryanzouOption: C
Apr 1, 2023

C is correct.

uchikenOption: C
May 6, 2023

My answer is C. -------------------------------- A route-based VPN creates an IPsec tunnel interface and routes traffic through it as dictated by the SDDC routing table. A route-based VPN provides resilient, secure access to multiple subnets. When you use a route-based VPN, new routes are added automatically when new networks are created. https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws-networking-security/GUID-5AF45CE6-FA53-45C0-83E5-25F8E3A055E9.html

dperlegkasOption: C
May 10, 2023

i think is C

VirtualSteveOOption: C
Oct 27, 2023

C is the most appropriate answer

IAZZUSOption: C
Jun 5, 2024

Configure a Direct Connect from headquarters to VMware Cloud on AWS. Use a private VIF for this connection. Configure a route-based IPsec VPN tunnel as a secondary method of connectivity from headquarters to VMware Cloud on AWS, taking care to enable the “Use VPN as Backup to Direct Connect” option. Configure dual, redundant, route-based IPsec VPN connections from each regional office to VMware Cloud on AWS.