SAP-C02 Question 121
Question
A financial company is planning to migrate its web application from on premises to AWS. The company uses a third-party security tool to monitor the inbound traffic to the application. The company has used the security tool for the last 15 years, and the tool has no cloud solutions available from its vendor. The company's security team is concerned about how to integrate the security tool with AWS technology. The company plans to deploy the application migration to AWS on Amazon EC2 instances. The EC2 instances will run in an Auto Scaling group in a dedicated VPC. The company needs to use the security tool to inspect all packets that come in and out of the VPC. This inspection must occur in real time and must not affect the application's performance. A solutions architect must design a target architecture on AWS that is highly available within an AWS Region. Which combination of steps should the solutions architect take to meet these requirements? (Choose two.)
Options
A. Deploy the security tool on EC2 instances m a new Auto Scaling group in the existing VPC
B. Deploy the web application behind a Network Load Balancer
C. Deploy an Application Load Balancer in front of the security tool instances
D. Provision a Gateway Load Balancer for each Availability Zone to redirect the traffic to the security tool
E. Provision a transit gateway to facilitate communication between VPCs.
Answer
AD
Explanation
Correct answer: AD Explanation: The best answer is AD. Correct option: A. Deploy the security tool on EC2 instances m a new Auto Scaling group in the existing VPC D. Provision a Gateway Load Balancer for each Availabilit...