You are designing a connectivity solution between on-premises infrastructure and Amazon VPC. Your servers
on-premises will be communicating with your VPC instances. You will be establishing IPSec tunnels over the
Internet. You will be using VPN gateways, and terminating the IPSec tunnels on AWS supported customer
gateways.
Which of the following objectives would you achieve by implementing an IPSec tunnel as outlined above?
Choose 4 answers
A. End-to-end protection of data in transit
B. End-to-end Identity authentication
C. Data encryption across the Internet
D. Protection of data in transit over the Internet
E. Peer identity authentication between VPN gateway and customer gateway
F. Data integrity protection across the Internet
C,D,E,F
This question is perverse; the trap resides in the fact that “end to end” implies both the client machine and the EC2 instance, which is not true. Thus A and B are false. Correct answers are C, D, E and F.
c,d,e,f