Multiple Choice
An organization is deploying an application in a VPC that requires SSL mutual authentication with a client-side certificate, as that is the primary method of identifying clients. The Network Engineer has been tasked with defining the mechanism used within AWS to provide the SSL mutual authentication. Which of the following options meets the organization's requirements?
A) Use a Classic Load Balancer and upload the client certificate private keys to it. Perform SSL mutual authentication of the client-side certificate there.
B) Use a Network Load Balancer with a TCP listener on port 443, and pass the request through for the SSL mutual authentication to be handled by a backend instance.
C) Use an Application Load Balancer and upload the client certificate private keys to it by using the native server name indication (SNI) features with smart certificate selection to handle multiple calling applications.
D) Front the application with Amazon API Gateway, and use its client-side SSL mutual authentication feature that uses the backend instances to verify the source of the request.
Correct Answer:
Verified
Correct Answer:
Verified
Q359: Your company needs to directly update an
Q360: You are deploying an EC2 instance in
Q361: You are configuring a VPN to AWS
Q362: Under increased cybersecurity concerns, a company is
Q363: Your company operates a single AWS account.
Q365: You have 4 Direct Connect connections from
Q366: You have two VPCs that require DNS
Q367: A company's Network Engineering team is solely
Q368: Your organization's corporate website must be available
Q369: A company uses a newly provisioned 1-Gbps