Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 265 discussion

C. Configure a public Application Load Balancer (ALB) with multiple redundant Amazon EC2 instances in private subnets. Configure Amazon CloudFront to deliver HTTPS content using the public ALB as the origin. This solution meets the requirements for a highly available application with web, application, and database tiers, as well as providing edge-based content delivery. Additionally, it maximizes security by having the ALB in a private subnet, which limits direct access to the web servers, while still being able to serve traffic over the Internet via the public ALB. This will ensure that the web servers are not exposed to the public Internet, which reduces the attack surface and provides a secure way to access the application.

A. exposes the EC2 instances directly to the public internet, which may compromise security. B. lacks a load balancer in the public subnet, which is required for efficient load distribution and high availability. D. provides load balancing and HTTPS content delivery, it exposes the EC2 instances directly to the public internet, which may pose security risks. C. provides high availability, secure access through private subnets, and optimized HTTPS content delivery using CloudFront with a public ALB as the origin.

C. Configure a public Application Load Balancer (ALB) with multiple redundant Amazon EC2 instances in private subnets. Configure Amazon CloudFront to deliver HTTPS content using the public ALB as the origin. Here's the reasoning: Public ALB in Private Subnets: Placing the ALB in private subnets enhances security by preventing direct access from the internet. The ALB in private subnets can communicate with the application instances in the same private subnets. CloudFront with ALB as Origin: Configuring CloudFront to deliver HTTPS content using the public ALB as the origin allows for content to be cached and distributed globally, reducing latency for end users.

C. Configure a public Application Load Balancer (ALB) with multiple redundant Amazon EC2 instances in private subnets. Configure Amazon CloudFront to deliver HTTPS content using the public ALB as the origin. This solution meets the requirements for a highly available application with web, application, and database tiers, as well as providing edge-based content delivery. Additionally, it maximizes security by having the ALB in a private subnet, which limits direct access to the web servers, while still being able to serve traffic over the Internet via the public ALB. This will ensure that the web servers are not exposed to the public Internet, which reduces the attack surface and provides a secure way to access the application.

Keyword: Instances in private, ALB in public, point cloudfront to the public ALB

Answer is C

ans: C https://www.examtopics.com/discussions/amazon/view/46401-exam-aws-certified-solutions-architect-associate-saa-c02/

Instances in private, ALB in public, point cloudfront to the public ALB