Question 247:
A Global bank has a hybrid network architecture for its banking applications. The client gets authenticated with servers deployed in Bank Data Centre & once authenticated, access banking application servers based in AWS VPC. As per security norms, Client Credit Card transaction traffic should be over an encrypted link. All other traffic between servers in Data Centre & AWS need to have high bandwidth for quick response to client queries. In AWS VPC, a single server processes the minimal Credit card transaction traffic & multiple application servers handling a huge amount of client transactions. There is a separate CIDR range configured for both these servers. As a Solution Architect which of the following solution can be deployed to meet this requirement in the most cost-effective way?
Answer options:
A.Create an AWS Direct Connect link & VPN link. Route traffic with specific prefixes of servers over AWS Direct Connect & summarised route of AWS VPC CIDR range over AWS VPN for credit card transaction traffic. B.Create an AWS Direct Connect link & VPN link. Route traffic with VPC CIDR range over AWS Direct Connect for all other traffic & specific route of Credit Card servers over VPN for credit card transaction traffic. C.Create 2 AWS Direct Connect Links & create a VPN over Direct Connect for encrypted traffic. Route traffic with VPC CIDR range over one VPN tunnel & Credit Card transaction traffic over other VPN tunnels. D.Create 2 VPN links terminating on VGW for encrypted traffic. Route traffic with VPC CIDR range over one VPN link & Credit Card transaction traffic over other VPN links.