AWS Certified Solutions Architect - Associate

Get started today

Ultimate access to all questions.

Deep dive into the quiz with AI chat providers.

We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.

A solutions architect is designing a new hybrid architecture to extend a company's on-premises infrastructure to AWS. The company requires a highly available connection with consistent low latency to an AWS Region. The company needs to minimize costs and is willing to accept slower traffic if the primary connection fails.

What should the solutions architect do to meet these requirements?

Other

Community

UAnonymous

Last updated: February 23, 2026 at 11:39

Provision an AWS Direct Connect connection to a Region. Provision a VPN connection as a backup if the primary Direct Connect connection fails.

Provision a VPN tunnel connection to a Region for private connectivity. Provision a second VPN tunnel for private connectivity and as a backup if the primary VPN connection fails.

Provision an AWS Direct Connect connection to a Region. Provision a second Direct Connect connection to the same Region as a backup if the primary Direct Connect connection fails.

Provision an AWS Direct Connect connection to a Region. Use the Direct Connect failover attribute from the AWS CLI to automatically create a backup connection if the primary Direct Connect connection fails.

Explanation:

Explanation

Correct Answer: A

Why Option A is correct:

Direct Connect for primary connection: AWS Direct Connect provides dedicated, low-latency, high-bandwidth network connections between on-premises infrastructure and AWS. This meets the requirement for "consistent low latency" and "highly available connection."
VPN as backup: Using a VPN connection as a backup is cost-effective compared to provisioning a second Direct Connect connection. While VPN connections have higher latency and lower bandwidth, they are acceptable as a backup solution when the company is "willing to accept slower traffic if the primary connection fails."
Cost minimization: This approach minimizes costs by avoiding the expense of a second Direct Connect connection while still providing redundancy.

Why other options are incorrect:

Option B: VPN connections alone don't provide the consistent low latency required. VPN connections over the public internet are subject to variable latency and bandwidth constraints.

Option C: While this provides high availability with two Direct Connect connections, it doesn't minimize costs as required. A second Direct Connect connection is significantly more expensive than a VPN backup.

Option D: There is no "Direct Connect failover attribute" in the AWS CLI that automatically creates backup connections. This is not a valid AWS feature.

Key AWS Services:

AWS Direct Connect: Dedicated network connection from on-premises to AWS
AWS Site-to-Site VPN: Encrypted VPN connection over the public internet

Best Practice: For hybrid architectures requiring high availability with cost optimization, use Direct Connect as the primary connection with VPN backup. This provides the best balance of performance, reliability, and cost-effectiveness.

Powered ByGPT-5.2

Comments

Loading comments...