SAP-C02 第 402 题
题目
A company is creating a solution that can move 400 employees into a remote working environment in the event of an unexpected disaster. The user desktops have a mix of Windows and Linux operating systems. Multiple types of software, such as web browsers and mail clients, are installed on each desktop. A solutions architect needs to implement a solution that can be integrated with the company’s on-premises Active Directory to allow employees to use their existing identity credentials. The solution must provide multifactor authentication (MFA) and must replicate the user experience from the existing desktops. Which solution will meet these requirements?
中文翻译:
一家公司正在创建一种解决方案,可以在发生意外灾难时将 400 名员工转移到远程工作环境中。用户桌面混合使用 Windows 和 Linux 操作系统。每个桌面上都安装了多种类型的软件,例如网络浏览器和邮件客户端。解决方案架构师需要实施一个可以与公司的本地 Active Directory 集成的解决方案,以允许员工使用其现有的身份凭证。该解决方案必须提供多重身份验证 (MFA),并且必须复制现有桌面的用户体验。哪种解决方案可以满足这些要求?
选项
A. Use Amazon WorkSpaces for the cloud desktop service. Set up a VPN connection to the on-premises network. Create an AD Connector, and connect to the on-premises Active Directory. Activate MFA for Amazon WorkSpaces by using the AWS Management Console.
中文翻译:
使用 Amazon WorkSpaces 提供云桌面服务。设置与本地网络的 VPN 连接。创建 AD 连接器,并连接到本地 Active Directory。使用 AWS 管理控制台激活 Amazon WorkSpaces 的 MFA。
B. Use Amazon AppStream 2.0 as an application streaming service. Configure Desktop View for the employees. Set up a VPN connection to the on-premises network. Set up Active Directory Federation Services (AD FS) on premises. Connect the VPC network to AD FS through the VPN connection.
中文翻译:
使用 Amazon AppStream 2.0 作为应用程序流服务。为员工配置桌面视图。设置与本地网络的 VPN 连接。在本地设置 Active Directory 联合身份验证服务 (AD FS)。通过 VPN 连接将 VPC 网络连接到 AD FS。
C. Use Amazon WorkSpaces for the cloud desktop service. Set up a VPN connection to the on-premises network. Create an AD Connector, and connect to the on-premises Active Directory. Configure a RADIUS server for MFA.
中文翻译:
使用 Amazon WorkSpaces 提供云桌面服务。设置与本地网络的 VPN 连接。创建 AD 连接器,并连接到本地 Active Directory。为 MFA 配置 RADIUS 服务器。
D. Use Amazon AppStream 2.0 as an application streaming service. Set up Active Directory Federation Services on premises. Configure MFA to grant users access on AppStream 2.0.
中文翻译:
使用 Amazon AppStream 2.0 作为应用程序流服务。在本地设置 Active Directory 联合身份验证服务。配置 MFA 以授予用户对 AppStream 2.0 的访问权限。
答案
C
解析
正确答案:C 解析: 本题应选择 C。 正确选项: C. 使用 Amazon WorkSpaces 提供云桌面服务。设置与本地网络的 VPN 连接。创建 AD 连接器,并连接到本地 Active Directory。为 MFA 配置 RADIUS 服务器。 选择理由: 该选项最直接地满足题干中的关键约束。做 SAP-C02 题目时,需要同时对照题干里的限定词,例如最高性能、最低运维开销、成本效益、可靠性、可扩展性、安全性、RTO/RPO...