A company has an existing VPC that has been largely unused for the past few months. The Business Manager instructed the Solutions Architect to integrate the company’s on-premises data center and its VPC. The architect explained the list of tasks that he’ll be doing and discussed the Virtual Private Network (VPN) connection. The Business Manager is not tech-savvy, but he is interested in knowing what a VPN is and what its benefits are.
What is one of the major advantages of having a VPN in AWS?
A. It enables you to establish a private and dedicated network connection between your network and your VPC.
B. It provides a cost-effective, hybrid connection from your VPC to your on-premises data centers which bypasses the public Internet.
C. It provides a networking connection between two VPCs which enables you to route traffic between them using private IPv4 addresses or IPv6 addresses.
D. It allows you to connect your AWS cloud resources to your on-premises data center using secure and private sessions with IP Security (IPSec) or Transport Layer Security (TLS) tunnels.
Answer: D
Explanation:
Amazon VPC offers you the flexibility to fully manage both sides of your Amazon VPC connectivity by creating a VPN connection between your remote network and a software VPN appliance running in your Amazon VPC network. This option is recommended if you must manage both ends of the VPN connection either for compliance purposes or for leveraging gateway devices that are not currently supported by Amazon VPC’s VPN solution.
You can connect your Amazon VPC to remote networks and users using the following VPN connectivity options:
AWS Site-to-Site VPN – creates an IPsec VPN connection between your VPC and your remote network. On the AWS side of the Site-to-Site VPN connection, a virtual private gateway or transit gateway provides two VPN endpoints (tunnels) for automatic failover.
AWS Client VPN – a managed client-based VPN service that provides secure TLS VPN connections between your AWS resources and on-premises networks.
AWS VPN CloudHub – capable of wiring multiple AWS Site-to-Site VPN connections together on a virtual private gateway. This is useful if you want to enable communication between different remote networks that use a Site-to-Site VPN connection.
Third-party software VPN appliance – You can create a VPN connection to your remote network by using an Amazon EC2 instance in your VPC that’s running a third-party software VPN appliance.
With a VPN connection, you can connect to an Amazon VPC in the cloud the same way you connect to your branches while establishing secure and private sessions with IP Security (IPSec) or Transport Layer Security (TLS) tunnels.
Hence, the correct answer is the option that says: It allows you to connect your AWS cloud resources to your on-premises data center using secure and private sessions with IP Security (IPSec) or Transport Layer Security (TLS) tunnels since one of the main advantages of having a VPN connection is that you will be able to connect your Amazon VPC to other remote networks securely.
The option that says: It provides a cost-effective, hybrid connection from your VPC to your on-premises data centers which bypasses the public Internet is incorrect. Although it is true that a VPN provides a cost-effective, hybrid connection from your VPC to your on-premises data centers, it certainly does not bypass the public Internet. A VPN connection actually goes through the public Internet, unlike the AWS Direct Connect connection which has a direct and dedicated connection to your on-premises network.
The option that says: It provides a networking connection between two VPCs which enables you to route traffic between them using private IPv4 addresses or IPv6 addresses is incorrect because this actually describes VPC Peering and not a VPN connection.
The option that says: It enables you to establish a private and dedicated network connection between your network and your VPC is incorrect because this is the advantage of an AWS Direct Connect connection and not a VPN.