ExpertEasy1 markMultiple Choice
AWS SAA-C03 · Question 17 · Domain 1.2: Secure Workloads
A company is deploying a web application on an Application Load Balancer (ALB). They need to secure the traffic in transit using HTTPS. What is the MOST cost-effective and operationally efficient way to obtain and manage the SSL/TLS certificate?
A company is deploying a web application on an Application Load Balancer (ALB). They need to secure the traffic in transit using HTTPS. What is the MOST cost-effective and operationally efficient way to obtain and manage the SSL/TLS certificate?
Answer options:
A.
Purchase a certificate from a third-party CA and manually upload it to the ALB.
B.
Use AWS Certificate Manager (ACM) to provision a public certificate.
C.
Use AWS KMS to generate an SSL certificate.
D.
Install a self-signed certificate on the EC2 instances.
How to approach this question
Look for the AWS managed certificate service.
Full Answer
B.Use AWS Certificate Manager (ACM) to provision a public certificate.✓ Correct
AWS Certificate Manager (ACM) easily provisions, manages, and deploys public and private SSL/TLS certificates. Public certificates are free and automatically renewed.
Common mistakes
Thinking third-party CAs are required for public websites on AWS.
Practice the full AWS SAA-C03 Practice Exam 2
65 questions · hints · full answers · grading
More questions from this exam
Q01A company wants to ensure that no AWS resources can be created in the ap-northeast-1 region acros...EasyQ02A web application runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The com...EasyQ03A company is storing highly sensitive data in an Amazon S3 bucket. The security team requires tha...MediumQ04An application running on an EC2 instance needs to access an Amazon DynamoDB table in a different...HardQ05A company needs to store database credentials securely. The credentials must be automatically rot...Medium