Answer – B
First, here we have a difference between NAT Instance and NAT Gateway.
A NAT instance is an Amazon EC2 instance configured to forward traffic to the Internet. It can be launched from an existing AMI.
Instances in a private subnet that want to access the Internet can have their Internet-bound traffic forwarded to the NAT Instance via a Route Table configuration. The NAT Instance will then request the Internet (since it is in a Public Subnet), and the response will be forwarded back to the private instance.
AWS introduced a NAT Gateway Service that can take the place of a NAT Instance. The benefits of using a NAT Gateway service are:
It is a fully managed service -- create it, and it works automatically, including fail-over.
However, Security Groups cannot be associated with a NAT Gateway. You`ll need one in each AZ since they only operate in a single AZ.
Ensure that your NAT gateways are deployed in at least two Availability Zones (AZs) to enable EC2 instances available within private subnets to connect to the Internet or other AWS services but prevent the Internet from initiating a connection with those instances.
Option A is incorrect since this is a requirement for the NAT instance to function and will not satisfy the requirement for the question.
Option C is incorrect since you should use one type of device.
Option D is incorrect since you should achieve redundancy via Availability Zones.
For more information on the NAT gateway, please refer to the below URL-
https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html
https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-comparison.html