AWS Certified Advanced Networking – Specialty (ANS-C01) — Question 264

A company is establishing hybrid cloud connectivity from an on-premises environment to AWS in the us-east-1 Region. The company is using a 10 Gbps AWS Direct Connect dedicated connection. The company has two accounts in AWS. Account A has transit gateways in four AWS Regions. Account В has transit gateways in three Regions. The company does not plan to expand.

To meet security requirements the company's accounts must have separate cloud infrastructure.
Which solution will meet these requirements MOST cost-effectively?

Answer options

• A. Create one Direct Connect gateway in us-east-1. Use AWS Resource Access Manager (AWS RAM) to share the Direct Connect gateway with each account. Create a transit VIF for Account Associate the four transit gateways in Account A to the Direct Connect gateway. Create a transit VIF for Account B. Associate the three transit gateways in Account В to the Direct Connect gateway.
• B. Create one Direct Connect gateway in us-east-1 for Account A. Create a second Direct Connect gateway in us-east-1 for Account Create a transit VIF for Account A. Associate the four transit gateways in Account A to the Direct Connect gateway in Account A. Create a transit VIF for Account Associate the three transit gateways in Account В to the Direct Connect gateway in Account В.
• C. Create one Direct Connect gateway in us-east-1. Use AWS Resource Access Manager (AWS RAM) to share the Direct Connect gateway with each account. Create a transit VIF for Account A. Associate the four transit gateways in Account A to the Direct Connect gateway. Order a new 10 Gbps Direct Connect dedicated connection for Account B. Create a transit VIF on the new Direct Connect connection for Account B. Associate the three transit gateways in Account В to the Direct Connect gateway.
• D. Create one Direct Connect gateway in us-east-1 for Account A. Create a second Direct Connect gateway in us-east-1 for Account B. Create a transit VIF for Account A. Associate the four transit gateways in Account A to the Direct Connect gateway in Account A. Order a new 10 Gbps Direct Connect dedicated connection for Account В. Create a transit VIF on the new Direct Connect connection for Account В. Associate the three transit gateways in Account В to the Direct Connect gateway in Account В.

Correct answer: B

Explanation

The correct answer is B because it provides separate Direct Connect gateways for each account, ensuring security requirements are met while also being the most cost-effective option. Options A, C, and D involve unnecessary additional costs or complexities, such as sharing a Direct Connect gateway or ordering new connections that are not needed for the established infrastructure.