
  • peer identity authentication between VPN gateway and customer gateway

  • joseph

    Member
    June 19, 2020 at 7:09 pm

    Dear Support

    For the question

    You are working as a Senior AWS Solutions Architect in a company in Silicon Valley. Your client has asked you to design a connectivity solution between on-premises infrastructure and their Amazon VPC. The goal is to allow communication of the on-premises servers with the EC2 instances running in the VPC. You considered establishing IPSec tunnels over the Internet using VPN gateways and terminating the IPsec tunnels on AWS-supported customer gateways.

    Which of the following objectives would you achieve by implementing an IPSec tunnel as described above? (Choose 4)

    the option

    “You obtain peer identity authentication between VPN gateway and customer gateway.”

    should be correct, because there is end-to-end authentication needed to be done before you establish a connection. The author who set the question might have thought about application authentication. If it is application authentication, yes, it is correct.

    Here it is not application authentication; it is a VPN endpoint connection.

  • TutorialsDojo-Support

    Member
    June 20, 2020 at 10:43 am

    Hi Joseph,

    Thank you for your feedback.

    This question wants to know the benefits you get when you implement IPSec tunneling with VPN on AWS. “You obtain peer identity authentication between VPN gateway and customer gateway.” is indeed correct.

    Here are the choices and the correct answer based on my question bank:

    You obtain data integrity protection across the Internet. – correct

    Your data is encrypted across the Internet. – correct

    Your data in transit is protected over the Internet. – correct

    You obtain end-to-end identity authentication. – incorrect (This authentication should be done on the application level, IPSec doesn’t control this)

    You obtain peer identity authentication between VPN gateway and customer gateway. – correct (This authentication is required by IPSec to establish a connection between the two gateways)

    You receive end-to-end protection of data in transit. – incorrect

    Thanks and Regards,

    Kenneth Samonte @ Tutorials Dojo
