Question 371 of 375 from exam CLF-C01: AWS Certified Cloud Practitioner

Question

Refer to the figure below. A user wishing to access an application installed on the "EC2-B" instance in "VPC B" can reach it by:

(Choose the best answer)

[Figure: the Internet connects to VPC A (10.100.0.0/16), which contains Public Subnet A (10.100.0.0/24) and Private Subnet B (10.100.1.0/24) with EC2-A-Private. VPC B (10.200.0.0/16) contains Private Subnet B (10.200.1.0/24) with EC2-B Private. Instances are labeled with public and private IPs.]

Answers

Explanations

A. B. C. D.

Correct Answer: B.

Instances within a VPC's subnets can communicate with each other by default.

To connect different networks seamlessly, AWS provides a feature called VPC Peering.

Using a VPC Peering connection, instances in private subnets in two different networks can talk to each other.

In the above diagram, since VPC B does not have an Internet Gateway, the only way that a user can reach the EC2-B instance is through a VPC peering connection between EC2-A & EC2-B.

Option A is incorrect since it would involve modifications to the existing architecture and dilute existing security configurations.

Option B is CORRECT.

The user can connect to VPC A, EC2-A Public, EC2-A Private, EC2-B Private to access applications installed on EC2-B.

Option C is incorrect since a VPN connection is normally used to connect on-premises servers to AWS services over the Internet.

Option D is incorrect since the only way to connect instances using private IPs in different networks is through VPC Peering.
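The routing behind this explanation can be modeled offline; the following is an added example, not part of the original question or any AWS code. It checks the figure's CIDRs for peering eligibility and resolves routes by longest-prefix match. The instance IPs, the `pcx-example` id and the route-table contents are assumptions constructed from the figure, and security groups are not modeled.

```python
import ipaddress

PCX = "pcx-example"  # constructed placeholder id for the peering connection

def peering_allowed(cidr_a, cidr_b):
    """VPC peering requires the two VPC CIDR blocks not to overlap."""
    return not ipaddress.ip_network(cidr_a).overlaps(ipaddress.ip_network(cidr_b))

def next_hop(route_table, dst_ip):
    """Resolve a destination by longest-prefix match; None means no route."""
    dst = ipaddress.ip_address(dst_ip)
    matches = [(ipaddress.ip_network(cidr), target)
               for cidr, target in route_table.items()
               if dst in ipaddress.ip_network(cidr)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def private_path(src_routes, dst_routes, src_ip, dst_ip):
    """Traffic flows only if the forward AND return routes use the peering."""
    return (next_hop(src_routes, dst_ip) == PCX
            and next_hop(dst_routes, src_ip) == PCX)

# Assumed route tables for the private subnets in the figure.
VPC_A_PRIVATE = {"10.100.0.0/16": "local", "10.200.0.0/16": PCX}
VPC_B_PRIVATE = {"10.200.0.0/16": "local", "10.100.0.0/16": PCX}
# Misconfiguration: VPC B side has no return route to VPC A.
VPC_B_NO_RETURN = {"10.200.0.0/16": "local"}

# Constructed sample addresses inside the figure's subnets.
EC2_A_PRIVATE = "10.100.1.10"
EC2_B_PRIVATE = "10.200.1.10"
INTERNET_CLIENT = "203.0.113.7"  # documentation range (RFC 5737)

if __name__ == "__main__":
    print("peering allowed:", peering_allowed("10.100.0.0/16", "10.200.0.0/16"))
    print("EC2-A-Private -> EC2-B:",
          private_path(VPC_A_PRIVATE, VPC_B_PRIVATE, EC2_A_PRIVATE, EC2_B_PRIVATE))
    print("missing return route:",
          private_path(VPC_A_PRIVATE, VPC_B_NO_RETURN, EC2_A_PRIVATE, EC2_B_PRIVATE))
    # VPC B has no Internet Gateway, so it has no route back to the client.
    print("VPC B route to Internet client:", next_hop(VPC_B_PRIVATE, INTERNET_CLIENT))
```
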

References:

https://youtu.be/HMInA8yMw1k

https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html