AWS Certified Solutions Architect – Professional — Question 185
A user has created a VPC with public and private subnets using the VPC wizard. The VPC has CIDR 20.0.0.0/16. The private subnet uses CIDR 20.0.0.0/24. The NAT instance ID is i-a12345.
Which of the below-mentioned entries is required in the main route table attached to the private subnet to allow instances to connect to the internet?
Answer options
- A. Destination: 20.0.0.0/0 and Target: 80
- B. Destination: 20.0.0.0/0 and Target: i-a12345
- C. Destination: 20.0.0.0/24 and Target: i-a12345
- D. Destination: 0.0.0.0/0 and Target: i-a12345
Correct answer: D
Explanation
The correct answer is D: a route with destination 0.0.0.0/0 matches all IPv4 traffic not covered by a more specific route, so outbound internet traffic from the private subnet is sent to the NAT instance (i-a12345). Options A and C are incorrect because they specify incorrect destinations (C's 20.0.0.0/24 is the private subnet's own CIDR), and option B is incorrect because its destination does not cover all internet traffic, which requires 0.0.0.0/0.