SCS-C02 · Question #393
SCS-C02 Question #393: Real Exam Question with Answer & Explanation
The correct answer is C: Ensure the security groups for the AD hosted subnet has the right rule for relevant subnets. In addition to VPC peering and setting the right route tables, the security groups for the AD EC2 instance needs to ensure the right rules are put in place for allowing incoming traffic. Option A and B is invalid because changing the connection type will not help. This is a probl
Question
A windows machine in one VPC needs to join the AD domain in another VPC. VPC Peering has been established. But the domain join is not working. What is the other step that needs to be followed to ensure that the AD domain join can work as intended?
Options
- AChange the VPC peering connection to a VPN connection
- BChange the VPC peering connection to a Direct Connect connection
- CEnsure the security groups for the AD hosted subnet has the right rule for relevant subnets
- DEnsure that the AD is placed in a public subnet
Explanation
In addition to VPC peering and setting the right route tables, the security groups for the AD EC2 instance needs to ensure the right rules are put in place for allowing incoming traffic. Option A and B is invalid because changing the connection type will not help. This is a problem with the Security Groups. Option D is invalid since the AD should not be placed in a public subnet https://docs.aws.amazon.com/quickstart/latest/active- directory-ds/ingress.html
Community Discussion
No community discussion yet for this question.