Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 382 discussion

Network Load Balancers now support TLS protocol. With this launch, you can now offload resource intensive decryption/encryption from your application servers to a high throughput, and low latency Network Load Balancer. Network Load Balancer is now able to terminate TLS traffic and set up connections with your targets either over TCP or TLS protocol. https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html https://exampleloadbalancer.com/nlbtls_demo.html

security of data in transit -> think of SSL/TLS. Check: NLB supports TLS https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html B (DDoS), C (SQL Injection), D (EBS) is for data at rest.

secure data in transit = TLS

TLS provides encryption for data in motion over the network, protecting against eavesdropping and tampering. A valid server certificate signed by a trusted CA will provide further security.

To improve the security of data in transit, you can configure a TLS listener on the Network Load Balancer (NLB) and deploy the server certificate on it. This will encrypt traffic between clients and the NLB. You can also use AWS Certificate Manager (ACM) to provision, manage, and deploy SSL/TLS certificates for use with AWS services and your internal connected resources1. You can also change the load balancer to an Application Load Balancer (ALB) and enable AWS WAF on it. AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources3. the A and C correct without transit but the need to improve the security of the data in transit? so he need SSL/TLS certificates

agree with fruto123