SCS-C03 · Question #45
SCS-C03 Question #45: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C03 to reveal the answer and full explanation for question #45. The question stem and answer options stay visible for context.
Question
A security engineer has designed a VPC to segment private traffic from public traffic. The VPC includes two Availability Zones. Each Availability Zone contains one public subnet and one private subnet. Three route tables exist: one for the public subnets and one for each private subnet. The security engineer discovers that all four subnets are routing traffic through the internet gateway that is attached to the VPC. Which combination of steps should the security engineer take to remediate this scenario? (Select TWO.)
Options
- AVerify that a NAT gateway has been provisioned in the public subnet in each Availability Zone.
- BVerify that a NAT gateway has been provisioned in the private subnet in each Availability Zone.
- CModify the route tables for the public subnets to add a local route to the VPC CIDR range.
- DModify the route tables for the private subnets to route 0.0.0.0/0 to the NAT gateway in the public
- EModify the route tables for the private subnets to route 0.0.0.0/0 to the internet gateway.
Unlock SCS-C03 to see the answer
You've previewed enough free SCS-C03 questions. Unlock SCS-C03 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.