AWS Certified Solutions Architect – Associate (SAA-C02) — Question 159

A company wants to use an AWS Region as a disaster recovery location for its on-premises infrastructure. The company has 10 TB of existing data, and the on- premise data center has a 1 Gbps internet connection. A solutions architect must find a solution so the company can have its existing data on AWS in 72 hours without transmitting it using an unencrypted channel.
Which solution should the solutions architect select?

Answer options

• A. Send the initial 10 TB of data to AWS using FTP.
• B. Send the initial 10 TB of data to AWS using AWS Snowball.
• C. Establish a VPN connection between Amazon VPC and the company's data center.
• D. Establish an AWS Direct Connect connection between Amazon VPC and the company's data center.

Correct answer: C

Explanation

The correct answer is C because establishing a VPN connection allows for secure, encrypted data transfer between the company's data center and AWS. Options A and B do not meet the requirement for encryption during transfer, and option D, while it provides a dedicated connection, may not be necessary for the immediate data transfer requirements.