Multiple Choice
An organization wants to process sensitive information using the Amazon EMR service. The information is stored in on-premises databases. The output of processing will be encrypted using AWS KMS before it is uploaded to a customer-owned Amazon S3 bucket. The current configuration includes a VPS with public and private subnets, with VPN connectivity to the on-premises network. The security organization does not allow Amazon EC2 instances to run in the public subnet. What is the MOST simple and secure architecture that will achieve the organization's goal?
A) Use the existing VPC and configure Amazon EMR in a private subnet with an Amazon S3 endpoint.
B) use the existing VPS and a NAT gateway, and configure Amazon EMR in a private subnet with an Amazon S3 endpoint.
C) Create a new VPS without an IGW and configure the VPN and Amazon EMR in a private subnet with an Amazon S3 endpoint.
D) Create a new VPS without an IGW and configure the VPN and Amazon EMR in a private subnet with an Amazon S3 endpoint and a NAT gateway.
Correct Answer:
Verified
Correct Answer:
Verified
Q166: You are designing an AWS Direct Connect
Q167: You have a hybrid environment in which
Q168: If you have one VPC peered with
Q169: You are deploying an EC2 instance in
Q170: Over which of the following Ethernet standards
Q172: A company has deployed a production environment
Q173: Changes made to a security group attached
Q174: What port and protocol is used by
Q175: A user is running a batch process
Q176: Use _ to get more visibility into