Multiple Choice
A company wants to deploy a distributed web application on a fleet of EC2 instances. The fleet will be fronted by a Classic Load Balancer that will be configured to terminate the TLS connection. The company wants to make sure that all past and current TLS traffic to the Classic Load Balancer stays secure, even if the certificate private key is leaked. To ensure the company meets these requirements, a Security Engineer can configure a Classic Load Balancer with:
A) An HTTPS listener that uses a certificate that is managed by Amazon Certification Manager.
B) An HTTPS listener that uses a custom security policy that allows only perfect forward secrecy cipher suites.
C) An HTTPS listener that uses the latest AWS predefined ELBSecurityPolicy-TLS-1-2-2017-01 security policy.
D) A TCP listener that uses a custom security policy that allows only perfect forward secrecy cipher suites.
Correct Answer:
Verified
Correct Answer:
Verified
Q3: The Security Engineer is managing a web
Q4: A Security Administrator is configuring an Amazon
Q5: A company has hundreds of AWS accounts,
Q6: A developer is building a serverless application
Q7: A Security Engineer received an AWS Abuse
Q9: The Security team believes that a former
Q10: A Security Administrator has a website hosted
Q11: A company's security engineer has been asked
Q12: A company has an application hosted in
Q13: A Software Engineer wrote a customized reporting