New Year Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

A company has an organization in AWS Organizations that has a large number of AWS...

  1. Home
  2. Amazon Web Services
  3. AWS Certified Professional
  4. SAP-C02
  5. SAP-C02 Questions
  6. AWS Certified Solutions Architect - Professional Practice Questions

A company has an organization in AWS Organizations that has a large number of AWS accounts. One of the AWS accounts is designated as a transit account and has a transit gateway that is shared with all of the other AWS accounts AWS Site-to-Site VPN connections are configured between ail of the company's global offices and the transit account The company has AWS Config enabled on all of its accounts.

The company's networking team needs to centrally manage a list of internal IP address ranges thatbelong to the global offices Developers Will reference this list to gain access to applications securely.

Which solution meets these requirements with the LEAST amount of operational overhead?

A.

Create a JSON file that is hosted in Amazon S3 and that lists all of the internal IP address ranges Configure an Amazon Simple Notification Service (Amazon SNS) topic in each of the accounts that can be involved when the JSON file is updated. Subscribe an AWS Lambda function to the SNS topic to update all relevant security group rules with Vie updated IP address ranges.

B.

Create a new AWS Config managed rule that contains all of the internal IP address ranges Use the rule to check the security groups in each of the accounts to ensure compliance with the list of IP address ranges. Configure the rule to automatically remediate any noncompliant security group that is detected.

C.

In the transit account, create a VPC prefix list with all of the internal IP address ranges. Use AWS Resource Access Manager to share the prefix list with all of the other accounts. Use the shared prefix list to configure security group rules is the other accounts.

D.

In the transit account create a security group with all of the internal IP address ranges. Configure the security groups in me other accounts to reference the transit account's securitygroup by using a nested security group reference of *./sg-1a2b3c4d".

Amazon Web Services SAP-C02 View All Questions

Amazon Web Services SAP-C02 Summary

  • Vendor: Amazon Web Services
  • Product: SAP-C02
  • Update on: Jan 7, 2026
  • Questions: 605
Price: $52.5  $149.99
Buy Now SAP-C02 PDF + Testing Engine Pack
Next
A company's factory and automaton applications are running in a single VPC More than 23...
A company has an application that uses Amazon EC2 instances in an Auto Scaling group.
Previous

Payments We Accept

Your purchase with ExamsVCE is safe and fast. Your products will be available for immediate download after your payment has been received.
The ExamsVCE website is protected by 256-bit SSL from McAfee, the leader in online security.

examsvce payment method

Contact Us

Copyright © 2013-2026 examsvce.com. All Rights Reserved
mcafee secure

TESTED 07 Jan 2026