SCS-C02 · Question #101
SCS-C02 Question #101: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #101. The question stem and answer options stay visible for context.
Question
A company is using AWS Organizations to implement a multi-account strategy. The company does not have on-premises infrastructure. All workloads run on AWS. The company currently has eight member accounts. The company anticipates that it will have no more than 20 AWS accounts total at any time. The company issues a new security policy that contains the following requirements: - No AWS account should use a VPC within the AWS account for workloads. - The company should use a centrally managed VPC that all AWS accounts can access to launch workloads in subnets. - No AWS account should be able to modify another AWS account's application resources within the centrally managed VPC. - The centrally managed VPC should reside in an existing AWS account that is named Ac-count- A within an organization. The company uses an AWS CloudFormation template to create a VPC that contains multiple subnets in Account-A. This template exports the subnet IDs through the CloudFormation Outputs section. Which solution will complete the security setup to meet these requirements?
Options
- AUse a CloudFormation template in the member accounts to launch workloads. Configure the
- BUse a transit gateway in the VPC within Account-A. Configure the member accounts to use the
- CUse AWS Resource Access Manager (AWS RAM) to share Account-A's VPC subnets with the
- DCreate a peering connection between Account-A and the remaining member accounts. Configure
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.