AWS Certified Solutions Architect - Associate

Get started today

Ultimate access to all questions.

Deep dive into the quiz with AI chat providers.

We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.

A company runs a web application on Amazon EC2 instances in an Auto Scaling group that has a target group. The company designed the application to work with session affinity (sticky sessions) for a better user experience.

The application must be available publicly over the internet as an endpoint. A WAF must be applied to the endpoint for additional security. Session affinity (sticky sessions) must be configured on the endpoint.

Which combination of steps will meet these requirements? (Choose two.)

Other

Community

UAnonymous

Last updated: February 23, 2026 at 11:39

Create a public Network Load Balancer. Specify the application target group.

Create a Gateway Load Balancer. Specify the application target group.

Create a public Application Load Balancer. Specify the application target group.

Create a second target group. Add Elastic IP addresses to the EC2 instances.

Create a web ACL in AWS WAF. Associate the web ACL with the endpoint.

Explanation:

Explanation

Correct Answers: C and E

C. Create a public Application Load Balancer. Specify the application target group.

Application Load Balancer (ALB) is required because:
1. It supports session affinity (sticky sessions) through target group stickiness
2. It can be integrated with AWS WAF
3. It can be made publicly accessible over the internet
4. It works with target groups that contain EC2 instances in Auto Scaling groups

E. Create a web ACL in AWS WAF. Associate the web ACL with the endpoint.

AWS WAF (Web Application Firewall) must be associated with the endpoint for security
The web ACL contains rules to protect against common web exploits
AWS WAF can be directly associated with Application Load Balancers

Why other options are incorrect:

A. Create a public Network Load Balancer. Specify the application target group.

Network Load Balancer (NLB) operates at layer 4 (TCP/UDP) and does not support session affinity (sticky sessions)
NLB does not integrate with AWS WAF

B. Create a Gateway Load Balancer. Specify the application target group.

Gateway Load Balancer is designed for deploying third-party virtual appliances, not for web application traffic
It does not support session affinity or AWS WAF integration

D. Create a second target group. Add Elastic IP addresses to the EC2 instances.

This approach would bypass the load balancer and expose EC2 instances directly
Does not provide AWS WAF protection
Does not support session affinity at the load balancer level
Not a scalable solution for Auto Scaling groups

Key AWS Services Used:

Application Load Balancer (ALB) - Layer 7 load balancer with session affinity support
AWS WAF - Web Application Firewall for security
Target Groups - Logical grouping of targets (EC2 instances)
Auto Scaling Group - For automatic scaling of EC2 instances

Architecture Flow: Internet → AWS WAF → Application Load Balancer → Target Group → EC2 Instances (Auto Scaling Group)

Powered ByGPT-5.2

Comments

Loading comments...