ExpertAWS SAP-C02 · Question 01 · Domain 1.1: Network Connectivity
A global enterprise is designing a multi-region network architecture connecting 50 AWS accounts across 3 AWS Regions and 4 on-premises data centers. The company requires transitive routing between all VPCs and on-premises networks. Traffic between AWS Regions must be encrypted and traverse the AWS global network. The solution must minimize operational overhead and support up to 50 Gbps of bandwidth per region. Which architecture meets these requirements MOST cost-effectively?
A global enterprise is designing a multi-region network architecture connecting 50 AWS accounts across 3 AWS Regions and 4 on-premises data centers. The company requires transitive routing between all VPCs and on-premises networks. Traffic between AWS Regions must be encrypted and traverse the AWS global network. The solution must minimize operational overhead and support up to 50 Gbps of bandwidth per region. Which architecture meets these requirements MOST cost-effectively?
Answer options:
Deploy AWS Transit Gateway in each Region. Peer the Transit Gateways. Connect on-premises data centers using AWS Direct Connect with MACsec.
Create a full mesh of VPC peering connections across all 50 accounts and 3 Regions. Use AWS VPN CloudHub for on-premises connectivity.
Deploy a third-party SD-WAN virtual appliance in a transit VPC in each Region. Establish IPsec VPNs between all VPCs and the transit VPCs.
Use AWS Direct Connect Gateway to connect all VPCs directly to the on-premises networks. Enable SiteLink for VPC-to-VPC routing.
How to approach this question
Full Answer
Common mistakes
Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 7
75 questions · hints · full answers · grading