A multinational organization has applications deployed in three different AWS regions. These applications must securely communicate with each other by VPN. According to the organization’s security team, the VPN must meet the following requirements:
- AES 128-bit encryption
- SHA-1 hashing
- User access via SSL VPN
- PFS using DH Group 2
- Ability to maintain/rotate keys and passwords
- Certificate-based authentication
Which solution should you recommend so that the organization meets the requirements?
A. AWS hardware VPN between the virtual private gateway and customer gateway
B. A third-party VPN solution deployed from AWS Marketplace
C. A private MPLS solution from an international carrier
D. AWS hardware VPN between the virtual private gateways in each region