ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 754 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C03
Question #: 754
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C03 Questions]

A company has users all around the world accessing its HTTP-based application deployed on Amazon EC2 instances in multiple AWS Regions. The company wants to improve the availability and performance of the application. The company also wants to protect the application against common web exploits that may affect availability, compromise security, or consume excessive resources. Static IP addresses are required.

What should a solutions architect recommend to accomplish this?

  • A. Put the EC2 instances behind Network Load Balancers (NLBs) in each Region. Deploy AWS WAF on the NLBs. Create an accelerator using AWS Global Accelerator and register the NLBs as endpoints.
  • B. Put the EC2 instances behind Application Load Balancers (ALBs) in each Region. Deploy AWS WAF on the ALBs. Create an accelerator using AWS Global Accelerator and register the ALBs as endpoints.
  • C. Put the EC2 instances behind Network Load Balancers (NLBs) in each Region. Deploy AWS WAF on the NLBs. Create an Amazon CloudFront distribution with an origin that uses Amazon Route 53 latency-based routing to route requests to the NLBs.
  • D. Put the EC2 instances behind Application Load Balancers (ALBs) in each Region. Create an Amazon CloudFront distribution with an origin that uses Amazon Route 53 latency-based routing to route requests to the ALBs. Deploy AWS WAF on the CloudFront distribution.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Andy_09 at Feb. 5, 2024, 9:32 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ogerber
Highly Voted 7 months, 2 weeks ago
Selected Answer: B
HTTP based application so ALB is required. because static IP addresses are required, we should use global accelerator: "By default, Global Accelerator provides you with static IP addresses that you associate with your accelerator."
upvoted 12 times
...
Andy_09
Highly Voted 7 months, 3 weeks ago
Option D
upvoted 5 times
Typewriter101
7 months, 2 weeks ago
Why D cause i think global accelerator will do a better job an cloudfront to increase availability and performance
upvoted 2 times
Typewriter101
7 months, 2 weeks ago
than cloudfront*
upvoted 1 times
...
...
...
f07ed8f
Most Recent 4 months, 1 week ago
Selected Answer: B
CloudFront doesn't support assigning a static IP address to distributions
upvoted 3 times
...
zinabu
5 months ago
Selected Answer: B
Http based app=ALB static IP= AWS global accelerator for those who choice ''A'' NLB doesn't support Http based traffic it is just used for TCP/UDP based traffic.
upvoted 4 times
...
mohammadthainat
5 months, 4 weeks ago
Selected Answer: D
Something wrong in the question, here is why: Static IP addresses are required --> NLB protect against common web exploits --> WAF (But you can't use WAF directly with NLB) HTTP-based application --> Cloudfront (using CloudFront with NLB is not recommended) EC2s in multiple AWS Regions --> Route 53 latency-based
upvoted 3 times
mohammadthainat
5 months, 4 weeks ago
Changing my answer to B Static IP addresses are required --> We can use Global Accelerator for fixed IP and WAF on the ALB
upvoted 4 times
...
...
TruthWS
6 months ago
Option A Static IP --> NLB against common web exploits --> WAF performance --> Global Accelerator is best choice in this situation.
upvoted 1 times
dkw2342
6 months ago
No, option B is correct. * WAF (L7) does not work with NLB (L4) * Traffic enters via the Global Accelerator, so that's the customer-facing (static) IP - https://docs.aws.amazon.com/global-accelerator/latest/dg/about-accelerators.eip-accelerator.html
upvoted 3 times
...
...
jackky3123213
6 months, 1 week ago
Selected Answer: D
Option D
upvoted 1 times
...
alawada
6 months, 1 week ago
Selected Answer: B
CloudFront uses multiple sets of dynamically changing IP addresses while Global Accelerator will provide you a set of static IP addresses as a fixed entry point to your applications
upvoted 2 times
...
Ipergorta
6 months, 2 weeks ago
Option D
upvoted 1 times
...
Naveena_Devanga
7 months, 1 week ago
Correct Answer is C. Static IP addresses are required specific to the requirement.
upvoted 1 times
...
stephensimudemy
7 months, 1 week ago
Selected Answer: B
CloudFront uses multiple sets of dynamically changing IP addresses while Global Accelerator will provide you a set of static IP addresses as a fixed entry point to your applications
upvoted 2 times
...
osmk
7 months, 2 weeks ago
Selected Answer: B
Network Load Balancer (NLB): NLB operates at layer 4 and does not support AWS WAF directly https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html
upvoted 2 times
osmk
7 months, 2 weeks ago
The company wants to improve the availability and performance of the application
upvoted 1 times
...
...
jaswantn
7 months, 2 weeks ago
Static IP addresses are required, so option B....global accelerator with ALB
upvoted 3 times
...
Dhokal
7 months, 3 weeks ago
B is correct
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago