Question 72 - ANS-C00 discussion

A company requires connectivity between two workloads that are located in separate VPCs: VPC A and VPC B. The VPCs are located in the same AWS Region. A network engineer has configured a VPC peering relationship between the VPCs. The network engineer is testing for connectivity by using the ping command from an Amazon EC2 instance in VPC A with address 10.1.1.1 to another EC2 instance in VPC B with address 10.2.2.2. The pings are timing out. Which combination of steps should the network engineer take to troubleshoot the problem? (Choose three.)
B.
Ensure that the security group rules allow ICMP traffic from the source EC2 instance to the target EC2 instance.
C.
Ensure that the security group rules allow the flow of UDP traffic from the source EC2 instance to the target EC2 instance.
D.
Ensure that the network ACL rules allow ICMP traffic between the source EC2 instance and the target EC2 instance.
E.
Ensure that the security group rules allow the flow of TCP traffic from the source EC2 instance to the target EC2 instance.
F.
Verify that routes have been added to the respective VPC route tables to forward traffic that is destined for the other VPC through the peering connection.
G.
Configure the VPC peering settings to activate bidirectional traffic support.
Suggested answer: B, D, F

Explanation:

EC2 instance as a DNS server, you must ensure that TCP and UDP traffic can reach your DNS server over port 53.

Configuring bidirectional VPC peering.

Reference: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html

https://docs.fortinet.com/document/fortigate-public-cloud/7.0.0/gcp-administration-guide/741384/configuring-bidirectionalvpc-peering

asked 16/09/2024
Tim Wersinger
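
The three suggested checks (B, D and F) applied to a simplified model of the two VPCs, as an added example that is not part of the original page. The `STATE` data, its layout and the `pcx-EXAMPLE` ID are constructed assumptions; ICMP types and NACL rule numbers are not modelled.

```python
import ipaddress

# Constructed sample state (hypothetical, not real AWS output); pcx-EXAMPLE is a placeholder.
SRC, DST = "10.1.1.1", "10.2.2.2"
STATE = {
    "A": {"routes": {"10.1.0.0/16": "local", "10.2.0.0/16": "pcx-EXAMPLE"},
          "sg_out": [("all", "0.0.0.0/0")], "sg_in": [],
          "nacl_in": [("allow", "icmp", "10.2.0.0/16")],
          "nacl_out": [("allow", "icmp", "10.2.0.0/16")]},
    "B": {"routes": {"10.2.0.0/16": "local"},  # return route missing
          "sg_out": [("all", "0.0.0.0/0")],
          "sg_in": [("tcp", "10.1.0.0/16")],   # TCP only, no ICMP
          "nacl_in": [("allow", "icmp", "10.1.0.0/16")],
          "nacl_out": [("deny", "icmp", "10.1.0.0/16")]},  # echo reply dropped
}

def _covers(cidr, ip):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(cidr)

def route_target(vpc, ip):
    """Longest-prefix match in the VPC's route table, or None."""
    hits = [c for c in vpc["routes"] if _covers(c, ip)]
    if not hits:
        return None
    return vpc["routes"][max(hits, key=lambda c: ipaddress.ip_network(c).prefixlen)]

def sg_allows(rules, peer_ip):
    """Security groups are allow-lists: any matching rule permits ICMP."""
    return any(p in ("icmp", "all") and _covers(c, peer_ip) for p, c in rules)

def nacl_allows(rules, peer_ip):
    """Rules are listed in evaluation order; first match wins, default deny."""
    for action, proto, cidr in rules:
        if proto in ("icmp", "all") and _covers(cidr, peer_ip):
            return action == "allow"
    return False

def diagnose(state, src=SRC, dst=DST):
    a, b = state["A"], state["B"]
    via_pcx = lambda vpc, ip: str(route_target(vpc, ip)).startswith("pcx-")
    checks = [  # security groups are stateful: only the request direction is checked
        (via_pcx(a, dst), "F: VPC A route table has no peering route to " + dst),
        (via_pcx(b, src), "F: VPC B route table has no peering route to " + src),
        (sg_allows(a["sg_out"], dst), "B: source security group blocks outbound ICMP"),
        (sg_allows(b["sg_in"], src), "B: target security group blocks inbound ICMP"),
    ]
    # Network ACLs are stateless: request and reply need rules in both subnets.
    for name, vpc, peer in (("A", a, dst), ("B", b, src)):
        checks += [(nacl_allows(vpc[d], peer), f"D: VPC {name} {d} blocks ICMP") for d in ("nacl_out", "nacl_in")]
    return [msg for ok, msg in checks if not ok]
```

`diagnose(STATE)` returns one finding per misconfiguration, prefixed with the answer letter it corresponds to; an empty list means all three checks pass.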