Hard · 1 mark · Multiple Choice
Domain 1.1: Network Connectivity · Networking · Direct Connect · Security

AWS SAP-C02 · Question 01 · Domain 1.1: Network Connectivity

A global enterprise requires highly available hybrid connectivity between its on-premises data centers in New York and London to AWS VPCs in us-east-1 and eu-west-2. The solution must provide line-rate encryption and protect against a single AWS Direct Connect location failure. Which architecture meets these requirements with the LEAST operational overhead?

Answer options:

A. Provision one DX connection per region. Establish IPsec VPNs over the DX connections to Transit Gateways.

B. Provision two DX connections in each region at different DX locations. Enable MACsec on the connections. Use Direct Connect gateways associated with Transit Gateways in each region.

C. Provision two DX connections per region. Use AWS VPN CloudHub for encryption and routing between regions.

D. Provision one DX connection and one Site-to-Site VPN per region. Enable MACsec on the VPN.

How to approach this question

Identify the requirement for line-rate encryption (MACsec) and location resiliency (two DX locations).

Full Answer

B. Provision two DX connections in each region at different DX locations. Enable MACsec on the connections. Use Direct Connect gateways associated with Transit Gateways in each region. ✓ Correct
MACsec (IEEE 802.1AE) provides hardware-based, line-rate encryption over Direct Connect. Using two connections at different locations ensures high availability.

Common mistakes

Selecting IPsec VPN over DX, which limits throughput.
