Higher local preference makes the Direct Connect route preferred.
Why this answer
Local preference is a BGP attribute used to influence outbound traffic from an AS. By setting a higher local preference on the Direct Connect BGP session, the router will prefer that path over the VPN session. When Direct Connect fails, the BGP session goes down, and the VPN route becomes the only available path, ensuring seamless failover.
Exam trap
The trap here is that candidates often confuse local preference (influences outbound path selection) with MED (influences inbound path selection) or AS path prepending (also influences inbound selection), leading them to choose options that would not achieve the desired primary/backup behavior for outbound traffic.
How to eliminate wrong answers
Option A is wrong because a lower local preference on the Direct Connect session would make it less preferred, causing the VPN to be used as the primary path, which contradicts the requirement. Option B is wrong because AS path prepending on the VPN session would make the VPN path less preferred (longer AS path), but the goal is to prefer Direct Connect; prepending on the VPN is unnecessary and could cause suboptimal routing if Direct Connect fails. Option D is wrong because MED (Multi-Exit Discriminator) is used to influence inbound traffic from a neighboring AS, not outbound traffic from the local AS; it does not affect which path the local router chooses for outbound traffic.