AWS Certified Solutions Architect Associate SAA-C03 Practice Question

A company wishes to deploy a new web service in the cloud that should be publicly accessible. Additionally, the service needs to interact with a data center located on-premises without exposing this interaction to the public internet. Which setup will best achieve this objective?

  • Use a Network Interface with an associated Elastic IP in conjunction with a dedicated customer gateway to regulate access between the web clients and the internal data center.

  • Deploy a NAT Gateway for instances that must communicate with external web clients, accompanied by rigorously configured Security Groups allowing ingress from known internal IP ranges.

  • Establish a site-to-site VPN connection using a Virtual Private Gateway, while enabling public internet connectivity with an Internet Gateway.

  • Utilize an Elastic Load Balancer for internet-facing traffic and a Network Access Control List set to accept connections exclusively from the data center IP range.

AWS Certified Solutions Architect Associate SAA-C03
Design Secure Architectures
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot
AI Bot