AWS Certified SysOps Administrator SOA-C01 – Question 227

A user has set up a VPC with CIDR 20.0.0.0/16. The VPC has a private subnet (20.0.1.0/24) and a public subnet (20.0.0.0/24). The user’s data center has CIDRs of 20.0.54.0/24 and 20.1.0.0/24. If the private subnet wants to communicate with the data center, what will happen?

A. It will allow traffic communication on both the CIDRs of the data center
B. It will not allow traffic with data center on CIDR 20.1.0.0/24 but allows traffic communication on 20.0.54.0/24
C. It will not allow traffic communication on any of the data center CIDRs
D. It will allow traffic with data center on CIDR 20.1.0.0/24 but does not allow on 20.0.54.0/24

Correct Answer: D

Explanation:

VPC allows the user to set up a connection between their VPC and a corporate or home network data center. If an IP address prefix in the VPC overlaps with one of the networks’ prefixes, any traffic to that network’s prefix is dropped. In this case, CIDR 20.0.54.0/24 falls within the VPC’s CIDR range of 20.0.0.0/16, so traffic to it will not be allowed. CIDR 20.1.0.0/24 does not fall within the VPC’s CIDR range, so traffic to it will be allowed.