Ultimate access to all questions.
A company is migrating an application to a new AWS account, deploying it in a single AWS Region with one VPC spanning multiple Availability Zones. The application runs on Amazon EC2 instances placed in private subnets, with multiple instances per Availability Zone. Clients access the application via HTTPS through a web browser. Inbound traffic must be evenly distributed across Availability Zones and EC2 instances, while ensuring all requests from a single client session are routed to the same EC2 instance. End-to-end encryption between clients and the application must be maintained using the application's SSL certificate.
Which solution meets these requirements?
A
Create a Network Load Balancer. Create a target group. Set the protocol to TCP and the port to 443 for the target group. Turn on session affinity (sticky sessions). Register the EC2 instances as targets. Create a listener. Set the protocol to TCP and the port to 443 for the listener. Deploy SSL certificates to the EC2 instances.
B
Create an Application Load Balancer. Create a target group. Set the protocol to HTTP and the port to 80 for the target group. Turn on session affinity (sticky sessions) with an application-based cookie policy. Register the EC2 instances as targets. Create an HTTPS listener. Set the default action to forward to the target group. Use AWS Certificate Manager (ACM) to create a certificate for the listener.
C
Create a Network Load Balancer. Create a target group. Set the protocol to TLS and the port to 443 for the target group. Turn on session affinity (sticky sessions). Register the EC2 instances as targets. Create a listener. Set the protocol to TLS and the port to 443 for the listener. Use AWS Certificate Manager (ACM) to create a certificate for the application.
D
Create an Application Load Balancer. Create a target group. Set the protocol to HTTPS and the port to 443 for the target group. Turn on session affinity (sticky sessions) with an application-based cookie policy. Register the EC2 instances as targets. Create an HTTP listener. Set the port to 443 for the listener. Set the default action to forward to the target group.