In your current role as the corporate network architect `" you have decided to replace your existing hardware firewall appliances with a pair of Juniper SRX-Series Services Gateways. You have chosen these as AWS lists these as supportable devices for establishing IPsec connections. With this in mind, select the minimum set of options to ensure that you can establish IPsec connectivity between your on premise private corporate network and your AWS hosted VPC. Select which option is NOT required. A. Initiate network connections from somewhere within your corporate network, this is required to bring the tunnels UP B. Deploy a Customer Gateway within your corporate network C. Deploy a Customer Gateway within your VPC D. Deploy a Virtual Private Gateway within your VPC  Suggested Answer: B Community Answer: B A customer gateway within the corporate network is NOT required. The Customer Gateway (CGW) is a component that you deploy within your VPC that logically represents you VPN physical hardware's perimeter public IP - therefore Answer C is required. A Virtual Private Gateway (VPG) is the AWS VPN Concentrator end point ג€" and is always a requirement that needs to be deployed in your VPC - therefore it must always be deployed ג€" therefore Answer D is required. AWS only supports IPsec in Tunnel mode ג€" therefore Answer A is required. Reference: https://aws.amazon.com/vpc/faqs/ This question is in ANS-C00 AWS Certified Advanced Networking – Specialty Exam For getting AWS Certified Advanced Networking – Specialty Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon. The website does not contain actual questions and answers from Amazon's Certification Exam.
Please login or Register to submit your answer
