Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Advanced Networking - Specialty ANS-C01 All Questions

View all questions & answers for the AWS Certified Advanced Networking - Specialty ANS-C01 exam
Go to Exam

Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 134 discussion

Exam question from Amazon's AWS Certified Advanced Networking - Specialty ANS-C01
Question #: 134
Topic #: 1
[All AWS Certified Advanced Networking - Specialty ANS-C01 Questions]

A company has developed a new web application on AWS. The application runs on Amazon Elastic Container Service (Amazon ECS) on AWS Fargate behind an Application Load Balancer (ALB) in the us-east-1 Region. The application uses Amazon Route 53 to host the DNS records for the domain. The content that is served from the website is mostly static images and files that are not updated frequently. Most of the traffic to the website from end users will originate from the United States. Some traffic will originate from Canada and Europe.

A network engineer needs to design a solution that will reduce latency for end users at the lowest cost. The solution also must ensure that all traffic is encrypted in transit until the traffic reaches the ALB.

Which solution will meet these requirements?

  • A. Configure the ALB to use an AWS Global Accelerator accelerator in us-east-1. Create a secure HTTPS listener. Create an alias record in Amazon Route 53 for the custom domain name. Configure the alias record to route to the DNS name that is assigned to the accelerator for the ALB.
  • B. Configure the ALB to use a secure HTTPS listener. Create an Amazon CloudFront distribution. Set the origin domain name to point to the DNS record that is assigned to the ALConfigure the CloudFront distribution to use an SSL certificate. Set all behaviors to force HTTPS. Create an alias record in Amazon Route 53 for the custom domain name. Configure the alias record to route to the DNS name that is assigned to the ALB.
  • C. Configure the ALB to use a secure HTTPS listener. Create an Amazon CloudFront distribution. Set the origin domain name to point to the DNS record that is assigned to the ALB. Configure the CloudFront distribution to use an SSL certificate and redirect HTTP to HTTPS. Create an alias record in Amazon Route 53 for the custom domain name. Configure the alias record to route to the CloudFront distribution.
  • D. Configure the ALB to use an AWS Global Accelerator accelerator in us-east-1. Create a secure HTTPS listener. Create a second application stack on Amazon ECS on Fargate in the eu-west-1 Region. Create another secure HTTPS listener. Create an alias record in Amazon Route 53 for the custom domain name. Configure the alias record to use a latency-based routing policy to route to the DNS name that is assigned to the accelerator for the ALBs.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Pratap at June 17, 2023, 7:29 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
TravelKo
Highly Voted 1 year, 2 months ago
Selected Answer: C
C is the right answer. Route 53 record points to Cloudfront default DNS name.
upvoted 6 times
...
lygf
Highly Voted 1 year, 3 months ago
Selected Answer: C
Global Accelerator needs NLB and static IP address which ALB won't have. A & D is out. When you create a distribution, CloudFront assigns a domain name to the distribution, such as d111111abcdef8.cloudfront.net. You can use this domain name in the URLs for your content. When you use a Route 53 domain name with a CloudFront distribution, use Amazon Route 53 to create an alias record that points to your CloudFront distribution. https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html
upvoted 5 times
fmunozse
1 year, 2 months ago
Fyi, Global accelerator works With alb, https://aws.amazon.com/blogs/networking-and-content-delivery/improving-availability-and-performance-for-application-load-balancers-using-one-click-integration-with-aws-global-accelerator/
upvoted 5 times
...
...
6e5b127
Most Recent 2 months ago
Selected Answer: A
The solution also MUST ensure that all traffic is encrypted in transit until the traffic reaches the ALB. CloudFront terminates SSL at the edge. This means that while traffic is encrypted from the user to CloudFront, CloudFront would then establish a new SSL connection to the origin. So the answer is A.
upvoted 1 times
...
JoellaLi
5 months, 3 weeks ago
Selected Answer: C
We choose CloudFront not Accelerator since the sentence 'The content that is served from the website is mostly static images and files that are not updated frequently. '
upvoted 1 times
...
JosMo
1 year, 2 months ago
Selected Answer: C
Answer: C because it redirect the HTTP to HTTPS. B, enforce HTTPS, which is good but not optimal
upvoted 5 times
...
Pratap
1 year, 3 months ago
Selected Answer: B
B seems to be the right Answer
upvoted 2 times
[Removed]
1 year, 2 months ago
Enforcing HTTPS will reject any HTTP traffic, , which is not optimal compared to redirecting HTTP traffic to HTTPS. HTTP redirects are generally faster than HTTP rejects from a performance perspective. Option C is more optimal.
upvoted 4 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel