Q294.A company hosts a legacy application that runs on an Amazon EC2 instance inside a VPC without internet access. Users access the application with a desktop program installed on their corporate laptops. Communication between the laptops and the VPC flows through AWS Direct Connect (DX). A new requirement states that all data in transit must be encrypted between users and the VPC.Which strategy should a solutions architect use to maintain consistent network performance while meeting this new requirement?
A.Create a client VPN endpoint and configure the laptops to use an AWS client VPN to connect to the VPC over the internet. B.Create a new public virtual interface for the existing DX connection and create a new VPN that connects to the VPC over the DX public virtual interface. C.Create a new Site-to-Site VPN that connects to the VPC over the internet. D.Create a new private virtual interface for the existing DX connection and create a new VPN that connects to the VPC over the DX private virtual interface.正确答案D
