Your business has implemented a highly available Direct Connect system that makes use of two datacenters. Each data center is equipped with one LAG with two connections and one ordinary DX connection. How many LOAs will be completed in total if your organization successfully completes an order for the addition of a new connection to each of the LAGs?
You currently use a single security group assigned to all nodes in a clustered NoSQL database. Only your cluster members in one region must be able to connect to each other. This security group uses a self-referencing rule using the cluster security group’ s group -id to make it easier to add or remove nodes from the cluster. You need to make this database comply with out -of-region disaster recovery requirements and ensure that the network traffic between the nodes is encrypted when travelling between regions. How should you enable secure cluster communication while deploying additional cluster members in another AWS region?
You have to set up an AWS Direct Connect connection to connect your on -premises to an AWS VPC. Due to budget requirements, you can only provision a single Direct Connect port. You have two border gateway routers at your on -premises data center that can peer with the Direct Connect routers for redundancy. Which two design methodologies, in combinati on, will achieve this connectivity? (Select two.)
Your organization needs to resolve DNS entries stored in an Amazon Route 53 private zone “awscloud:internal” from the corporate network. An AWS Direct Connect connection with a private virtual interface is configured to provide access to a VPC with the CID R block 192.168.0.0/16. A DNS Resolver (BIND) is configured on an Amazon Elastic Compute Cloud (EC2) instance with the IP address 192.168.10.5 within the VPC. The DNS Resolver has standard root server hints configured and conditional forwarding for “awsclo ud.internal” to the IP address 192.168.0.2. From your PC on the corporate network, you query the DNS server at 192.168.10.5 for www.amazon.com . The query is successful and returns the appropriate response. When you query for “server.awscloud.internal”, the query times out. You receive no response. How should you enable successful queries for “server.awscloud.internal”?
Your company’s policy requires that all VPCs peer with a “common services: VPC. This VPC contains a fleet of layer 7 proxies and an Internet gateway. No other VPC is allowed to provision an Internet gateway. You configure a new VPC and peer with the common service VPC as required by policy. You launch an Amazon EC2. Windows instance configured to forward all traffic to the layer 7 proxies in the common services VPC. The application on this server should successfully interact with Amazon S3 using its properly configured AWS Identity and Access Management (IAM) role. However, Amazon S3 is returning 403 errors to the application. Which step should you take to enable access to Amazon S3?
Your organization’s corporate website must be available on www.acme.com and acme.com. How should you configure Amazon Route 53 to meet this requirement?
