Should the lesson state that a “2 way trust” is needed?

Hi, based on my understanding of trusts and the AWS documentation, i believe that a 1 way trust would be ok?

https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_setup_trust.html

A 1 way trust would allow AWS to trust an on premise AD which allows SSO etc, a 2 way trust would allow AWS hosted accounts to authenticate to on premise resources which may well be specifically not wanted like in the below exam question:

Here is a similar comment which i think the ACG moderator agrees with, based on vote for correct answer:

https://acloud.guru/forums/aws-certified-security-specialty/discussion/-Ld5-A1VQGx-0ndDgkdq/how_should_on-prem_ad_configur