AWS Certified Advanced Networking Specialty Practice Exam


Prepare for the AWS Certified Advanced Networking Specialty Exam with detailed flashcards and multiple-choice questions. Each question includes hints and explanations. Ace your exam with confidence!



For a new VPN termination device to be used as a customer gateway, what must it support?

  1. L2TP protocol

  2. Proxy ARP

  3. IPsec protocol

  4. GRE tunneling

The correct answer is: IPsec protocol

To serve as a customer gateway for a VPN connection to AWS, the device must support the IPsec (Internet Protocol Security) protocol. IPsec is the standard protocol suite used to secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet in a communication session. This protects data in transit between the customer’s network and AWS. IPsec first establishes a secure phase (Phase 1), and encrypted data is then exchanged in the next phases (Phase 2). This security framework is essential for creating site-to-site VPN connections, including those configured within AWS using Virtual Private Cloud (VPC). The mandatory support for IPsec ensures that the VPN traffic can be securely encapsulated and transmitted over the Internet, which is crucial for maintaining data integrity and confidentiality.

Options like L2TP (Layer 2 Tunneling Protocol) and GRE (Generic Routing Encapsulation), while used in various tunneling scenarios, do not offer the same robust security features on their own that IPsec does. Proxy ARP is more related to address resolution and is not a requirement for a customer gateway device in the context of establishing a VPN with AWS. Hence, the focus on IPsec makes it the necessary protocol for