ANS-C01 · Question #134
ANS-C01 Question #134: Real Exam Question with Answer & Explanation
Sign in or unlock ANS-C01 to reveal the answer and full explanation for question #134. The question stem and answer options stay visible for context.
Question
A network engineer needs to build an encrypted connection between an on-premises data center and a VPC. The network engineer attaches the VPC to a virtual private gateway and sets up an AWS Site-to-Site VPN connection. The VPN tunnel is UP after configuration and is working. However, during rekey for phase 2 of the VPN negotiation, the customer gateway device is receiving different parameters than the parameters that the device is configured to support. The network engineer checks the IPsec configuration of the VPN tunnel. The network engineer notices that the customer gateway device is configured with the most secure encryption algorithms that the AWS Site-to-Site VPN configuration file provides. What should the network engineer do to troubleshoot and correct the issue?
Options
- ACheck the native virtual private gateway logs. Restrict the VPN tunnel options to the specific VPN
- BCheck the native customer gateway logs. Restrict the VPN tunnel options to the specific VPN
- CCheck Amazon CloudWatch logs of the virtual private gateway. Restrict the VPN tunnel options to
- DCheck Amazon CloudWatch logs of the customer gateway. Restrict the VPN tunnel options to the
Unlock ANS-C01 to see the answer
You've previewed enough free ANS-C01 questions. Unlock ANS-C01 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.