Q85 — AWS ANS-C01 Ch.1

Question 85 of 100 | ← Chapter 1

A company uses the us-east-1 Region and the ap-south-1 Region for its business units (BUs). The BUS are named BU-1 and BU-Z. For each BU, There are two VPCs in us-east-1 and one VPC in ap-south-1. Because of workload isolation requirements, resources can communicate within the same BU but cannot communicate with resources in the other BU. The company plans to add more BUs and plans to expand into more Regions Which solution will meet these requirements with the MOST operational efficiency?

Correct Answer: D. Configure an AWS Cloud WAN network that operates in the required Regions. Create AWS Cloud WAN segments for each BU Configure VPC Attachments for each BU’s VPCs to the corresponding BU segment.

Explanation

该题核心考察AWS多区域网络隔离方案的选型。AWS Cloud WAN通过分段(Segments)实现逻辑隔离,每个业务单元对应独立Segment,VPC挂载到对应Segment后自动实现跨区域互通且天然隔离其他Segment流量,无需配置路由规则。D选项直接利用Cloud WAN原生分段机制,在扩展新BU时仅需创建对应Segment并挂载VPC,符合"最高运营效率"要求;而其他选项涉及手动维护路由策略(A/C)或跨区域网关对等(B),均增加运维复杂度。