Answer-first summary for fast verification
Answer: Provision an Application Load Balancer. Configure an HTTPS listener by specifying the use of an ECC SSL certificate that is uploaded to AWS Certificate Manager (ACM). Configure a default action to redirect to the URL for the application. Turn on health checks to monitor the web hosts that connect to the end users.
The correct answer is B. The question specifies the need for HTTPS with TLS certificates that implement Elliptic Curve Cryptography (ECC) and the offloading of TLS connections to a load balancer. An Application Load Balancer (ALB) is designed to handle HTTP/HTTPS traffic and can offload SSL/TLS processing, which is exactly what is needed here. Option B correctly suggests provisioning an ALB, configuring an HTTPS listener with an ECC SSL certificate from AWS Certificate Manager (ACM), and setting up health checks. AWS Certificate Manager (ACM) is the correct service to use for managing SSL/TLS certificates in AWS, not IAM. Option A suggests using a Network Load Balancer (NLB) with a TLS listener, but NLBs are more suited for TCP/UDP traffic and do not natively support HTTPS listeners or the advanced routing features of ALBs. Option C incorrectly suggests using a Network Load Balancer and enabling application-based session affinity, which is not a feature of NLBs. Option D incorrectly suggests using IAM for SSL/TLS certificates, which is not the correct service for this purpose.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
A company operates an application that stores users' personally identifiable information (PII), requiring all connections to be secured via HTTPS with TLS certificates utilizing Elliptic Curve Cryptography (ECC). The application maintains stateful connections between the web tier and end users and is hosted on multiple instances. A network engineer needs to deploy a solution that offloads TLS connections to a load balancer.
Which load-balancing solution satisfies these requirements?
A
Provision a Network Load Balancer. Configure a TLS listener by specifying the use of an ECC SSL certificate that is uploaded to AWS identity and Access Management (IAM). Turn on health checks to monitor the web hosts that connect to the end users.
B
Provision an Application Load Balancer. Configure an HTTPS listener by specifying the use of an ECC SSL certificate that is uploaded to AWS Certificate Manager (ACM). Configure a default action to redirect to the URL for the application. Turn on health checks to monitor the web hosts that connect to the end users.
C
Provision a Network Load Balancer. Configure a TLS listener by specifying the use of an ECC SSL certificate that is uploaded to AWS Certificate Manager (ACM). Turn on application-based session affinity (sticky sessions). Turn on health checks to monitor the web hosts that connect to the end users.
D
Provision an Application Load Balancer. Configure an HTTPS listener by specifying the use of an ECC SSL certificate that is uploaded to AWS Identity and Access Management (IAM). Configure a default action to redirect to the URL for the application. Turn on application-based session affinity (sticky sessions).