A company operates its AWS environment in a single AWS Region, comprising several hundred application VPCs, a shared services VPC, and a VPN connection to its on-premises network. A network engineer must configure a transit gateway with the following requirements: • Application VPCs must remain isolated from each other. • Bidirectional communication must be enabled between the application VPCs and the on-premises network. • Bidirectional communication must be enabled between the application VPCs and the shared services VPC. The network engineer has set up the transit gateway with default route table association and propagation disabled. They have also created the VPN attachment for the on-premises network and VPC attachments for the application VPCs and shared services VPC. To meet all requirements with the fewest transit gateway route tables, which two actions should the network engineer take? (Choose two.) | AWS Certified Advanced Networking - Specialty Quiz