Which two Amazon Web Services (AWS) features support east-west traffic inspection within the AWS cloud by the FortiGate VM? (Choose two.)
Which two Amazon Web Services (AWS) features support east-west traffic inspection within the AWS cloud by the FortiGate VM? (Choose two.)
A . A NAT gateway with an EIP
B . A transit gateway with an attachment
C . An Internet gateway with an EIP
D . A transit VPC
Answer: B D
Explanation
The correct answer is B and D. A transit gateway with an attachment and a transit VPC support east-west traffic inspection within the AWS cloud by the FortiGate VM.
According to the Fortinet documentation for Public Cloud Security, a transit gateway is a network transit hub that connects VPCs and on-premises networks. A transit gateway attachment is a resource that connects a VPC or VPN to a transit gateway. By using a transit gateway with an attachment, you can route traffic from your spoke VPCs to your security VPC, where the FortiGate VM can inspect the traffic1.
A transit VPC is a VPC that serves as a global network transit center for connecting multiple VPCs, remote networks, and virtual private networks (VPNs). By using a transit VPC, you can deploy the FortiGate VM as a virtual appliance that provides network security and threat prevention for your VPCs2.
The other options are incorrect because:
– A NAT gateway with an EIP is a service that enables instances in a private subnet to connect to the internet or other AWS services, but prevents the internet from initiating a connection with those instances. A NAT gateway with an EIP does not support east-west traffic inspection within the AWS cloud by the FortiGate VM3.
– An Internet gateway with an EIP is a horizontally scaled, redundant, and highly available VPC component that allows communication between instances in your VPC and the internet.An Internet gateway with an EIP does not support east-west traffic inspection within the AWS cloud by the FortiGate VM4.
1: Fortinet Documentation Library – Deploying FortiGate VMs on AWS
2: [Fortinet Documentation Library – Transit VPC on AWS]
3: [NAT Gateways – Amazon Virtual Private Cloud]
4: [Internet Gateways – Amazon Virtual Private Cloud]
Latest NSE7_PBC-7.2 Dumps Valid Version with 37 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund