
Answer-first summary for fast verification
Answer: (B) Create an AWS PrivateLink endpoint service. Configure the endpoint service to require acceptance that will be granted to approved customers only. (E) Associate the ALB with the endpoint service.
To meet the company's requirements with the least operational overhead, the best approach is to use AWS PrivateLink. AWS PrivateLink provides private connectivity between VPCs, AWS services, and on-premises applications, securely on the Amazon network. It lets the company expose its web service to approved customers without making it accessible to all customers.
Option B creates an AWS PrivateLink endpoint service and configures it to require acceptance, which will be granted to approved customers only. This ensures that only approved customers can access the web service, meeting the company's security requirements.
Option E associates the ALB with the endpoint service. This is necessary because the ALB is the front end for the web service, and associating it with the endpoint service ensures that traffic from approved customers is routed through the PrivateLink connection, maintaining the security and privacy of the web service.
Therefore, the combination of steps B and E meets the company's requirements with the least operational overhead.
Author: LeetQuiz Editorial Team
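The acceptance step in option B can be enforced as an allow-list check over endpoint connection requests. The following is an added example, not part of the original page; the service ID, endpoint IDs and account numbers are constructed, and it goes slightly beyond the text by also flagging already-active connections whose owner is no longer approved.

```python
from collections import defaultdict

# Constructed sample, shaped like the "VpcEndpointConnections" list returned by
# ec2.describe_vpc_endpoint_connections(). All IDs and accounts are made up.
SAMPLE_CONNECTIONS = [
    {"ServiceId": "vpce-svc-0aaa", "VpcEndpointId": "vpce-0001",
     "VpcEndpointOwner": "111111111111", "VpcEndpointState": "pendingAcceptance"},
    {"ServiceId": "vpce-svc-0aaa", "VpcEndpointId": "vpce-0002",
     "VpcEndpointOwner": "999999999999", "VpcEndpointState": "pendingAcceptance"},
    {"ServiceId": "vpce-svc-0aaa", "VpcEndpointId": "vpce-0003",
     "VpcEndpointOwner": "222222222222", "VpcEndpointState": "available"},
    {"ServiceId": "vpce-svc-0aaa", "VpcEndpointId": "vpce-0004",
     "VpcEndpointOwner": "999999999999", "VpcEndpointState": "available"},
]
APPROVED_ACCOUNTS = {"111111111111", "222222222222"}  # hypothetical customers


def plan_decisions(connections, approved):
    """Return {service_id: {"accept": [...], "reject": [...]}} of endpoint IDs.

    Pending requests from approved accounts are accepted. Requests from any
    other account are rejected, including connections that are already active
    (for example, a customer that has since been off-boarded).
    """
    plan = defaultdict(lambda: {"accept": [], "reject": []})
    for conn in connections:
        # State casing differs between API docs and responses, so normalise.
        state = conn["VpcEndpointState"].lower()
        if state not in ("pendingacceptance", "pending", "available"):
            continue  # rejected, deleted, failed, expired: nothing to decide
        if conn["VpcEndpointOwner"] not in approved:
            plan[conn["ServiceId"]]["reject"].append(conn["VpcEndpointId"])
        elif state == "pendingacceptance":
            plan[conn["ServiceId"]]["accept"].append(conn["VpcEndpointId"])
    return dict(plan)


def apply_plan(ec2, plan):
    """Apply the plan with a boto3 EC2 client, e.g. boto3.client("ec2")."""
    for service_id, ids in plan.items():
        if ids["accept"]:
            ec2.accept_vpc_endpoint_connections(
                ServiceId=service_id, VpcEndpointIds=ids["accept"])
        if ids["reject"]:
            ec2.reject_vpc_endpoint_connections(
                ServiceId=service_id, VpcEndpointIds=ids["reject"])


if __name__ == "__main__":
    print(plan_decisions(SAMPLE_CONNECTIONS, APPROVED_ACCOUNTS))
```

`plan_decisions` is pure and runs offline; `apply_plan` needs credentials for the service provider's account.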
A company has created a web service for language translation, hosted on a fleet of Amazon EC2 instances within an Auto Scaling group. These instances are deployed in a private subnet and are fronted by an Application Load Balancer (ALB). The web service handles requests with data sizes in the hundreds of megabytes.
The company must enable specific customers, each with their own AWS account, to access the web service. Access should be restricted to approved customers only, without exposing the service to all customers.
Which two-step combination will fulfill these requirements with the MINIMUM operational overhead? (Choose two.)
A
Create VPC peering connections with the approved customers only.
B
Create an AWS PrivateLink endpoint service. Configure the endpoint service to require acceptance that will be granted to approved customers only.
C
Configure an authentication action for the endpoint service's load balancer to allow customers to log in by using their AWS credentials. Provide only approved customers with the URL.
D
Configure a Network Load Balancer (NLB) and a listener with the ALB as a target. Associate the NLB with the endpoint service.
E
Associate the ALB with the endpoint service.