ANS-C01 · Question #169
ANS-C01 Question #169: Real Exam Question with Answer & Explanation
Sign in or unlock ANS-C01 to reveal the answer and full explanation for question #169. The question stem and answer options stay visible for context.
Question
A company has an AWS environment that includes multiple VPCs that are connected by a transit gateway. The company has decided to use AWS Site-to-Site VPN to establish connectivity between its on-premises network and its AWS environment. The company does not have a static public IP address for its on-premises network. A network engineer must implement a solution to initiate the VPN connection on the AWS side of the connection for traffic from the AWS environment to the on-premises network. Which combination of steps should the network engineer take to establish VPN connectivity between the transit gateway and the on-premises network? (Choose three.)
Options
- AConfigure the Site-to-Site VPN tunnel options to use Internet Key Exchange version 1 (IKEv1).
- BConfigure the Site-to-Site VPN tunnel options to use Internet Key Exchange version 2 (IKEv2).
- CUse a private certificate authority (CA) from AWS Private Certificate Authority to create a
- DUse a public certificate authority (CA) from AWS Private Certificate Authority to create a
- ECreate a customer gateway. Specify the current dynamic IP address of the customer gateway
- FCreate a customer gateway without specifying the IP address of the customer gateway device.
Unlock ANS-C01 to see the answer
You've previewed enough free ANS-C01 questions. Unlock ANS-C01 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.