AWS Certified Solutions Architect Associate SAA-C03 Practice Question
A financial-services company transfers about 20 TB of sensitive transaction data every night from its on-premises data center in New York to Amazon S3 buckets in the us-east-1 Region. The security team requires that the traffic never traverse the public Internet. The network team also needs deterministic, low-latency performance during the transfer window and is willing to provision physical connectivity if necessary.
Which AWS networking option MOST cost-effectively meets these requirements?
Use AWS DataSync over the Internet with TLS encryption to copy the data to Amazon S3
Order a dedicated 10 Gbps AWS Direct Connect connection at a nearby AWS Direct Connect location and configure a private virtual interface
Create an AWS Site-to-Site VPN connection over existing Internet circuits between the data center and a VPC
Enable AWS Global Accelerator and route the data traffic through accelerator endpoints
AWS Direct Connect provides a dedicated, private layer-2 or layer-3 connection that keeps traffic on the AWS global backbone. This bypasses the public Internet and delivers predictable, low-latency performance-ideal for large, daily data transfers. A Site-to-Site VPN is encrypted but still rides the Internet, so latency and jitter remain unpredictable. AWS Global Accelerator optimizes Internet paths for end-user traffic, not for data-center-to-AWS links. AWS DataSync over the Internet encrypts traffic but still uses public routes unless combined with Direct Connect, so it cannot meet the "never traverse the Internet" requirement on its own.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a dedicated network connection and how does it work?
Open an interactive chat with Bash
How does a VPN differ from a dedicated connection in terms of security and performance?
Open an interactive chat with Bash
What are some benefits of avoiding the public internet for data transfer?