Examice

Exam SAP-C02 All QuestionsBrowse all questions from this exam

Question 232

A company needs to establish a connection from its on-premises data center to AWS. The company needs to connect all of its VPCs that are located in different AWS Regions with transitive routing capabilities between VPC networks. The company also must reduce network outbound traffic costs, increase bandwidth throughput, and provide a consistent network experience for end users.

Which solution will meet these requirements?

Create an AWS Site-to-Site VPN connection between the on-premises data center and a new central VPC. Create VPC peering connections that initiate from the central VPC to all other VPCs.

Create an AWS Direct Connect connection between the on-premises data center and AWS. Provision a transit VIF, and connect it to a Direct Connect gateway. Connect the Direct Connect gateway to all the other VPCs by using a transit gateway in each Region.

Create an AWS Site-to-Site VPN connection between the on-premises data center and a new central VPUse a transit gateway with dynamic routing. Connect the transit gateway to all other VPCs.

Create an AWS Direct Connect connection between the on-premises data center and AWS. Establish an AWS Site-to-Site VPN connection between all VPCs in each Region. Create VPC peering connections that initiate from the central VPC to all other VPCs.

Correct Answer: B

The company needs a solution that provides high bandwidth throughput, reduces network outbound traffic costs, and offers a consistent network experience for end users across different AWS Regions. The best solution is to create an AWS Direct Connect connection between the on-premises data center and AWS. By provisioning a transit Virtual Interface (VIF) and connecting it to a Direct Connect gateway, the company can achieve fast, reliable, and cost-efficient communication. The Direct Connect gateway can then be connected to all other VPCs using a transit gateway in each region, offering the required transitive routing capabilities between VPC networks.

Discussion

Pupu86Option: B

In fact site to site VPN would be more affordable than deploying a Direct Connect leased line. However, AWS also wants to market their product by stating that there is a need to increase throughput (site to site only can achieve max of 1.25Gbps) and consistent user experience (AWS Direct Connect > Site-to-Site VPN) so B would be a better choice.

career360guruOption: B

Option B may not be most cost-effective best option in terms of performance.

SkyZeroZxOption: B

direct connect + vpc = direct connect gw + TGW. so B

rxhan

Mr. copy and paste

nexus2020Option: B

direct connect + vpc = direct connect gw + TGW. so B

gfhbox0083

B, for sure. For a consistent network experience

TonytheTigerOption: B

https://docs.aws.amazon.com/whitepapers/latest/aws-vpc-connectivity-options/aws-direct-connect-aws-transit-gateway.html

joleneinthebackyard

Anyone can explain that why Site to Site VPN not valid?

fartosh

The company wants to increase bandwidth throughput, which is gained by establishing Direct Connect.

Gabehcoud

what if the situation is 1 AWS account, different VPC's across different regions? Can we still use a TGW?

hexieOption: B

B. Cant be D because TGW doesnt support transitive connections, so if users connect to a VPN it invalidate this options. A and C are skippable on the first phrase.

NikkyDickyOption: B

B no doubt

Maria2023Option: B

Transit gateway is a regional service but you can peer different TGs in different regions https://aws.amazon.com/about-aws/whats-new/2019/12/aws-transit-gateway-supports-inter-region-peering/

SmileyCloudOption: B

B. No need for D and S2S VPN.

aragon_saa

BBBBBBBBBBB?