AWS Certified Advanced Networking - Specialty

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: Configure MACsec for the Direct Connect connection. Configure a transit VIF to a Direct Connect gateway that is associated with the transit gateway.

To meet the requirements of migrating critical workloads over encrypted paths with the highest throughput, the best solution involves leveraging MACsec for encryption on the Direct Connect connection and using a transit VIF to connect to a Direct Connect gateway associated with the transit gateway. MACsec provides encryption at the data link layer, ensuring that all traffic between the on-premises data center and AWS is encrypted. A transit VIF allows for the connection to be used with a transit gateway, facilitating the routing of traffic between the on-premises network and multiple VPCs or VPN connections. This setup not only meets the encryption requirement but also ensures high throughput by utilizing the full capacity of the 10 Gbps Direct Connect connection without the overhead associated with VPN connections. Option C is the correct choice as it directly addresses the need for encryption and high throughput. Options A, B, and D either do not provide the necessary encryption (A and D) or do not utilize the Direct Connect connection efficiently for high throughput (B).

Author: LeetQuiz Editorial Team

Quick Answer

Answer-first summary for fast verification

Answer: Configure MACsec for the Direct Connect connection. Configure a transit VIF to a Direct Connect gateway that is associated with the transit gateway.

Author: LeetQuiz Editorial Team

Comments (0)

No comments yet.

A company is migrating critical workloads from an on-premises data center to Amazon EC2 instances, utilizing a new 10 Gbps AWS Direct Connect dedicated connection to a VPC attached to a transit gateway. The migration requires encrypted paths between the on-premises data center and the AWS Cloud.

Which solution will fulfill these requirements while delivering the HIGHEST throughput?

Exam-Like

Configure a public VIF on the Direct Connect connection. Configure an AWS Site-to-Site VPN connection to the transit gateway as a VPN attachment.

Configure a transit VIF on the Direct Connect connection. Configure an IPsec VPN connection to an EC2 instance that is running third-party VPN software.

Configure MACsec for the Direct Connect connection. Configure a transit VIF to a Direct Connect gateway that is associated with the transit gateway.

Configure a public VIF on the Direct Connect connection. Configure two AWS Site-to-Site VPN connections to the transit gateway. Enable equal-cost multi-path (ECMP) routing.