ANS-C01 · Question #212
ANS-C01 Question #212: Real Exam Question with Answer & Explanation
The correct answer is C: Create an AWS Cloud WAN core network with an edge location in both Regions. Configure a. To efficiently scale a multi-region, multi-business unit network with isolation requirements, the company should migrate to AWS Cloud WAN, configuring a core network with edge locations in each region and assigning a separate segment for each business unit, with policies controll
Question
A company has two business units (BUs). The company operates in the us-east-1 Region and the us-west-1 Region. The company plans to extend to more Regions in the future. Each BU has a VPC in each Region. Each Region has a transit gateway with the BU VPCs attached. The transit gateways in both Regions are peered. The company will create several more BUs in the future and will need to isolate some of the BUs from the other BUs. The company wants to migrate to an architecture to incorporate more Regions and BUs. Which solution will meet these requirements with the MOST operational efficiency?
Options
- ACreate a new transit gateway for each new BU in each Region. Peer the new transit gateways
- BCreate an AWS Cloud WAN core network with an edge location in both Regions. Configure a
- CCreate an AWS Cloud WAN core network with an edge location in both Regions. Configure a
- DAttach new VPCs to the existing transit gateways. Update route tables to control traffic between
Explanation
To efficiently scale a multi-region, multi-business unit network with isolation requirements, the company should migrate to AWS Cloud WAN, configuring a core network with edge locations in each region and assigning a separate segment for each business unit, with policies controlling inter-segment traffic.
Common mistakes.
- A. Creating a new Transit Gateway for each new BU in each Region and peering them leads to a complex, unscalable, and difficult-to-manage N-squared peering mesh as the number of BUs and Regions grows, which is inefficient.
- B. While AWS Cloud WAN is the right service, configuring a single segment for all business units would prevent the company from isolating some BUs from others, directly failing a key requirement.
- D. Attaching new VPCs to existing Transit Gateways and managing isolation purely through TGW route tables becomes increasingly complex and less operationally efficient as the number of BUs, VPCs, and Regions increases, especially when granular isolation rules are needed across regions.
Concept tested. AWS Cloud WAN for multi-region, multi-BU networking with segmentation
Reference. https://aws.amazon.com/cloud-wan/
Community Discussion
No community discussion yet for this question.