{"id":225,"date":"2021-01-08T06:32:38","date_gmt":"2021-01-08T06:32:38","guid":{"rendered":"https:\/\/exampracticetests.com\/aws\/SysOps_Administrator_SOA-C01\/aws-certified-sysops-administrator-soa-c01-question218\/"},"modified":"2021-01-08T06:32:38","modified_gmt":"2021-01-08T06:32:38","slug":"aws-certified-sysops-administrator-soa-c01-question218","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/aws\/SysOps_Administrator_SOA-C01\/aws-certified-sysops-administrator-soa-c01-question218\/","title":{"rendered":"AWS Certified SysOps Administrator SOA-C01 &#8211; Question218"},"content":{"rendered":"<div class=\"question\">A user has created a VPC with CIDR 20.0.0.0\/16 using the wizard. The user has created a public subnet CIDR (20.0.0.0\/24) and VPN only subnets CIDR (20.0.1.0\/24) along with the VPN gateway (vgw-12345) to connect to the user\u2019s data center. The user\u2019s data center has CIDR 172.28.0.0\/12. The user has also setup a NAT instance (i-123456) to allow traffic to the internet from the VPN subnet. Which of the below mentioned options is not a valid entry for the main route table in this scenario? <br \/><strong><br \/>A.<\/strong> Destination: 20.0.1.0\/24 and Target: i-12345 <br \/><strong>B.<\/strong> Destination: 0.0.0.0\/0 and Target: i-12345 <br \/><strong>C.<\/strong> Destination: 172.28.0.0\/12 and Target: vgw-12345 <br \/><strong>D.<\/strong> Destination: 20.0.0.0\/16 and Target: local<\/div>\n<p><\/p>\n<style> .hidden-div{ display:none } <\/style>\n<p>\t\t\t\t\t\t\t<button onclick=\"getElementById('hidden-div').style.display = 'block'\"> Show Answer <\/button> <button onclick=\"getElementById('hidden-div').style.display = 'none'\">Hide Answer<\/button><\/p>\n<div class=\"hidden-div\" id=\"hidden-div\"><span style=\"\"><\/p>\n<div class=\"answer\">Correct Answer: <strong>A<\/strong><\/div>\n<p><strong>Explanation:<\/strong> <\/p>\n<div class=\"explanation\">\nExplanation: The user can create subnets as per the requirement within a VPC. If the user wants to connect VPC from his own data center, he can setup a public and VPN only subnet which uses hardware VPN access to connect with his data center. When the user has configured this setup with Wizard, it will create a virtual private gateway to route all traffic of the VPN subnet. If the user has setup a NAT instance to route all the Internet requests, then all requests to the internet should be routed to it. All requests to the organization\u2019s DC will be routed to the VPN gateway.<br \/>\nHere are the valid entries for the main route table in this scenario:<br \/>\nDestination: 0.0.0.0\/0 &#038; Target: i-12345 (To route all internet traffic to the NAT Instance.<br \/>\nDestination: 172.28.0.0\/12 &#038; Target: vgw-12345 (To route all the organization\u2019s data center traffic to the VPN gateway).<br \/>\nDestination: 20.0.0.0\/16 &#038; Target: local (To allow local routing in VPC).<\/div>\n<p><\/strong><\/span> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>A user has created a VPC with CIDR 20.0.0.0\/16 using the wizard. The user has created a public subnet CIDR (20.0.0.0\/24) and VPN only subnets CIDR (20.0.1.0\/24) along with the VPN gateway (vgw-12345) to connect to the user\u2019s data center. The user\u2019s data center has CIDR 172.28.0.0\/12. The user has also setup a NAT instance [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,221],"class_list":["post-225","post","type-post","status-publish","format-standard","hentry","category-aws-certified-sysops-administrator-soa-c01","tag-aws-certified-sysops-administrator-soa-c01","tag-question-218"],"_links":{"self":[{"href":"https:\/\/exampracticetests.com\/aws\/SysOps_Administrator_SOA-C01\/wp-json\/wp\/v2\/posts\/225","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/exampracticetests.com\/aws\/SysOps_Administrator_SOA-C01\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/exampracticetests.com\/aws\/SysOps_Administrator_SOA-C01\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/SysOps_Administrator_SOA-C01\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/SysOps_Administrator_SOA-C01\/wp-json\/wp\/v2\/comments?post=225"}],"version-history":[{"count":0,"href":"https:\/\/exampracticetests.com\/aws\/SysOps_Administrator_SOA-C01\/wp-json\/wp\/v2\/posts\/225\/revisions"}],"wp:attachment":[{"href":"https:\/\/exampracticetests.com\/aws\/SysOps_Administrator_SOA-C01\/wp-json\/wp\/v2\/media?parent=225"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/SysOps_Administrator_SOA-C01\/wp-json\/wp\/v2\/categories?post=225"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/SysOps_Administrator_SOA-C01\/wp-json\/wp\/v2\/tags?post=225"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}