AWS Certified Advanced Networking – Specialty (ANS-C01) — Question 89
A company uses a 1 Gbps AWS Direct Connect connection to connect its AWS environment to its on-premises data center. The connection provides employees with access to an application VPC that is hosted on AWS. Many remote employees use a company-provided VPN to connect to the data center. These employees are reporting slowness when they access the application during business hours. On-premises users have started to report similar slowness while they are in the office.
The company plans to build an additional application on AWS. On-site and remote employees will use the additional application. After the deployment of this additional application, the company will need 20% more bandwidth than the company currently uses. With the increased usage, the company wants to add resiliency to the AWS connectivity. A network engineer must review the current implementation and must make improvements within a limited budget.
What should the network engineer do to meet these requirements MOST cost-effectively?
Answer options
- A. Set up a new 1 Gbps Direct Connect dedicated connection to accommodate the additional traffic load from remote employees and the additional application. Create a link aggregation group (LAG).
- B. Deploy an AWS Site-to-Site VPN connection to the application VPC. Configure the on-premises routing for the remote employees to connect to the Site-to-Site VPN connection.
- C. Deploy Amazon Workspaces into the application VPInstruct the remote employees to connect to Workspaces.
- D. Replace the existing 1 Gbps Direct Connect connection with two new 2 Gbps Direct Connect hosted connections. Create an AWS Client VPN endpoint in the application VPC. Instruct the remote employees to connect to the Client VPN endpoint.
Correct answer: B
Explanation
The correct answer is B because deploying an AWS Site-to-Site VPN connection allows remote employees to securely access the application VPC without the need for additional dedicated connections, thus being cost-effective. Option A involves setting up a new Direct Connect connection, which is more expensive, while C suggests using Amazon Workspaces, which may not address the bandwidth issue directly. Option D proposes replacing the current connection with two larger ones, which also incurs higher costs and does not directly resolve the slowness issue.