A software development company with remote engineers is operating Active Directory Domain Services (AD DS) on an Amazon EC2 instance. The company's security policy mandates that all internal, nonpublic services within a VPC must be accessible via VPN, with Multi-factor Authentication (MFA) enforced for VPN access. What solution should a solutions architect implement to fulfill these requirements? | AWS Certified Solutions Architect - Professional Quiz