A company is operating a website using Amazon CloudFront. CloudFront serves some content from Amazon S3 and other content from web servers running on Amazon EC2 instances behind an Application Load Balancer (ALB). Amazon DynamoDB is used as the data store. The company already uses AWS Certificate Manager (ACM) to store a public TLS certificate that can optionally secure connections between the website users and CloudFront. The company has a new requirement to enforce end-to-end encryption in transit. Which combination of steps should the company take to meet this requirement? (Choose three.) A. Update the CloudFront distribution, configuring it to optionally use HTTPS when connecting to origins on Amazon S3. B. Update the web application configuration on the web servers to use HTTPS instead of HTTPS when connecting to DynamoDB. C. Update the CloudFront distribution to redirect HTTP connections to HTTPS. D. Configure the web servers on the EC2 instances to listen using HTTPS using the public ACM TLS certificate. Update the ALB to connect to the target group using HTTPS. E. Update the ALB listener to listen using HTTPS using the public ACM TLS certificate. Update the CloudFront distribution to connect to the HTTPS listener. F. Create a TLS certificate. Configure the web servers on the EC2 instances to use HTTPS only with that certificate. Update the ALB to connect to the target group using HTTPS.  Suggested Answer: BDE Community Answer: CEF This question is in SCS-C01 AWS Certified Security – Specialty Exam For getting AWS Certified Security – Specialty Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon. The website does not contain actual questions and answers from Amazon's Certification Exam.
Please login or Register to submit your answer