Amazon Exam ANS-C01 Topic 2 Question 38 Discussion

Actual exam question for Amazon's ANS-C01 exam

Question #: 38
Topic #: 2

A company is migrating an existing application to a new AWS account. The company will deploy the application in a single AWS Region by using one VPC and multiple Availability Zones. The application will run on Amazon EC2 instances. Each Availability Zone will have several EC2 instances. The EC2 instances will be deployed in private subnets.

The company's clients will connect to the application by using a web browser with the HTTPS protocol. Inbound connections must be distributed across the Availability Zones and EC2 instances. All connections from the same client session must be connected to the same EC2 instance. The company must provide end-to-end encryption for all connections between the clients and the application by using the application SSL certificate.

Which solution will meet these requirements?

ACreate a Network Load Balancer. Create a target group. Set the protocol to TCP and the port to 443 for the target group. Turn on session affinity (sticky sessions). Register the EC2 instances as targets. Create a listener. Set the protocol to TCP and the port to 443 for the listener. Deploy SSL certificates to the EC2 instances.

BCreate an Application Load Balancer. Create a target group. Set the protocol to HTTP and the port to 80 for the target group. Turn on session affinity (sticky sessions) with an application-based cookie policy. Register the EC2 instances as targets. Create an HTTPS listener. Set the default action to forward to the target group. Use AWS Certificate Manager (ACM) to create a certificate for the listener.

CCreate a Network Load Balancer. Create a target group. Set the protocol to TLS and the port to 443 for the target group. Turn on session affinity (sticky sessions). Register the EC2 instances as targets. Create a listener. Set the protocol to TLS and the port to 443 for the listener. Use AWS Certificate Manager (ACM) to create a certificate for the application.

DCreate an Application Load Balancer. Create a target group. Set the protocol to HTTPS and the port to 443 for the target group. Turn on session affinity (sticky sessions) with an application-based cookie policy. Register the EC2 instances as targets. Create an HTTP listener. Set the port to 443 for the listener. Set the default action to forward to the target group.

Show Suggested Answer

Suggested Answer: A

by Arthur at Sep 16, 2024, 06:19 AM

Limited Time Offer

25%

Off

Get Premium ANS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Lang

19 days ago

Haha, Option A with TCP protocol and SSL certs on EC2 instances? That's a bit old-school, don't you think?

upvoted 0 times

...

Vannessa

20 days ago

Hmm, Option B seems a bit off. Using HTTP protocol and then relying on ACM for HTTPS listener? Doesn't sound right to me.

upvoted 0 times

...

1 months ago

Option C looks like the best choice. Using a Network Load Balancer with TLS protocol and ACM certificates seems to meet all the requirements.

upvoted 0 times

Brett

20 days ago

Yes, Option C with Network Load Balancer and TLS protocol seems like the most secure and efficient solution for the migration.

upvoted 0 times

...

Rolland

21 days ago

I agree, Option C seems to provide the necessary end-to-end encryption and session affinity for the application.

upvoted 0 times

...

Ronald

23 days ago

Option C looks like the best choice. Using a Network Load Balancer with TLS protocol and ACM certificates seems to meet all the requirements.

upvoted 0 times

...

Daniela

2 months ago

I think option A is the best solution because it uses a Network Load Balancer with TCP protocol and session affinity for sticky sessions.

upvoted 0 times

...