SAP-C02 第 123 题
题目
A company is migrating some of its applications to AWS. The company wants to migrate and modernize the applications quickly after it finalizes networking and security strategies. The company has set up an AWS Direct Connect connection in a central network account. The company expects to have hundreds of AWS accounts and VPCs in the near future. The corporate network must be able to access the resources on AWS seamlessly and also must be able to communicate with all the VPCs. The company also wants to route its cloud resources to the internet through its on-premises data center. Which combination of steps will meet these requirements? (Choose three.)
中文翻译:
一家公司正在将其部分应用程序迁移到 AWS。该公司希望在最终确定网络和安全策略后迅速迁移应用程序并使其现代化。该公司已在中央网络帐户中建立了 AWS Direct Connect 连接。该公司预计在不久的将来将拥有数百个 AWS 账户和 VPC。公司网络必须能够无缝访问AWS上的资源,并且必须能够与所有VPC通信。该公司还希望通过其本地数据中心将其云资源路由到互联网。哪种步骤组合可以满足这些要求? (选择三项。)
选项
A. Create a Direct Connect gateway in the central account. In each of the accounts, create an association proposal by using the Direct Connect gateway and the account ID for every virtual private gateway.
中文翻译:
在中央账户中创建 Direct Connect 网关。在每个帐户中,使用 Direct Connect 网关和每个虚拟专用网关的帐户 ID 创建关联提案。
B. Create a Direct Connect gateway and a transit gateway in the central network account. Attach the transit gateway to the Direct Connect gateway by using a transit VIF. Connect gateway。
中文翻译:
在中央网络帐户中创建 Direct Connect 网关和中转网关。使用中转 VIF 将中转网关连接到 Direct Connect 网关。连接网关。
C. Provision an internet gateway. Attach the internet gateway to subnets. Allow internet traffic through the gateway.
中文翻译:
配置互联网网关。将 Internet 网关连接到子网。允许互联网流量通过网关。
D. Share the transit gateway with other accounts. Attach VPCs to the transit gateway.
中文翻译:
与其他账户共享中转网关。将 VPC 连接到中转网关。
E. Provision VPC peering as necessary.
中文翻译:
根据需要配置 VPC 对等互连。
F. Provision only private subnets. Open the necessary route on the transit gateway and customer gateway to allow outbound internet traffic from AWS to flow through NAT services that run in the data center.
中文翻译:
仅配置私有子网。在中转网关和客户网关上打开必要的路由,以允许来自 AWS 的出站互联网流量流经数据中心中运行的 NAT 服务。
答案
BDF
解析
正确答案:BDF 解析: 本题应选择 BDF。 正确选项: B. 在中央网络帐户中创建 Direct Connect 网关和中转网关。使用中转 VIF 将中转网关连接到 Direct Connect 网关。连接网关。 D. 与其他账户共享中转网关。将 VPC 连接到中转网关。 F. 仅配置私有子网。在中转网关和客户网关上打开必要的路由,以允许来自 AWS 的出站互联网流量流经数据中心中运行的 NAT 服务。 选择理由: 该选项最直接地满...