nerdexam
ExamsANS-C01Questions#142
AmazonAmazon

ANS-C01 · Question #142

ANS-C01 Question #142: Real Exam Question with Answer & Explanation

The correct answer is B: Enable the split-tunnel option on the Client VPN endpoint.. https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html

Submitted by valeria.br· Mar 6, 2026Configure Network Connectivity and Operations

Question

A company recently started using AWS Client VPN to give its remote users the ability to access resources in multiple peered VPCs and resources in the company's on-premises data center. The Client VPN endpoint route table has a single entry of 0.0.0.0/0. The Client VPN endpoint is using a new security group that has no inbound rules and a single outbound rule that allows all traffic to 0.0.0.0/0. Multiple remote users report that web search results are showing incorrect geographic location information for the users. Which combination of steps should a network engineer take to resolve this issue with the LEAST amount of service interruption? (Choose three.)

Options

  • ASwitch users to AWS Site-to-Site VPNs.
  • BEnable the split-tunnel option on the Client VPN endpoint.
  • CAdd routes for the peered VPCs and for the on-premises data center to the Client VPN route
  • DRemove the 0.0.0.0/0 outbound rule from the security group that the Client VPN endpoint uses.
  • EDelete and recreate the Client VPN endpoint in a different VPC.
  • FRemove the 0.0.0.0/0 entry from the Client VPN endpoint route table.

Explanation

https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html

Topics

#AWS Client VPN#VPN routing#Split Tunneling#Security Groups

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full ANS-C01 PracticeBrowse All ANS-C01 Questions