PrepAway - Latest Free Exam Questions & Answers

What additional step is required to allow access from t…

You manually launch a NAT AMI in a public subnet. The network is properly configured. Security groups and
network access control lists are property configured. Instances in a private subnet can access the NAT. The
NAT can access the Internet. However, private instances cannot access the Internet. What additional step is
required to allow access from the private instances?

PrepAway - Latest Free Exam Questions & Answers

A.
Enable Source/Destination Check on the private Instances.

B.
Enable Source/Destination Check on the NAT instance.

C.
Disable Source/Destination Check on the private instances.

D.
Disable Source/Destination Check on the NAT instance.

Explanation:
Disabling Source/Destination Checks.
Each EC2 instance performs source/destination checks by default. This means that the instance must be the
source or destination of any traffic it sends or receives. However, a NAT instance must be able to send and
receive traffic when the source or destination is not itself. Therefore, you must disable source/destination
checks on the NAT instance. You can disable the SrcDestCheck attribute for a NAT instance that’s either
running or stopped using the console or the command line.
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html

PrepAway - Latest Free Exam Questions & Answers

10 Comments on “What additional step is required to allow access from t…

  1. Maddy says:

    Hello Friends, i passed the Associate certification with 64%. There are some basic questions on API, Lambda, CORS, Kinesis and DynamoDB. Go through the FAQs and whizlabs practice tests. These practice tests are more of latest dumps i would say. The dumps here in breifmenow will help you but these are not updated.




    1



    0

Leave a Reply

Your email address will not be published. Required fields are marked *