You have an application that receives SSL-encrypted TCP traffic on port 443. Clients for this application are located all over the world. You want to minimize latency for the clients. Which load balancing option should you use?
A. HTTPS Load Balancer
B. Network Load Balancer
C. SSL Proxy Load Balancer
D. Internal TCP/UDP Load Balancer. Add a firewall rule allowing ingress traffic from 0.0.0.0/0 on the target instances.
SSL Proxy Load Balancing supports the following ports: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 3389, 5222, 5432, 5671, 5672, 5900, 5901, 6379, 8085, 8099, 9092, 9200, and 9300. When you use Google-managed SSL certificates with SSL Proxy Load Balancing, the frontend port for traffic must be 443 to enable the Google-managed SSL certificates to be provisioned and renewed.
As per the GCP document below,
"Proxy Network Load Balancers are intended for TCP traffic only, with or without SSL. For HTTP(S) traffic, we recommend that you use an Application Load Balancer instead."
https://cloud.google.com/load-balancing/docs/proxy-network-load-balancer
Hence, even if both A and C are capable of catering for this requirement, the Google recommendation is A. As per my understanding, both A and C can divert clients to the closest backend service, reducing the latency.
Also in 2024, can refer to below as well.
"HTTP/3 on your load balancer can improve web page load times, reduce video rebuffering, and improve throughput on higher latency connections."
https://cloud.google.com/load-balancing/docs/https
https://cloud.google.com/load-balancing/docs/tcp
Note: Although external proxy Network Load Balancers can support HTTPS traffic, you should use an external Application Load Balancer for HTTPS traffic instead. External Application Load Balancers support a number of HTTP-specific features, including routing by HTTP request path and balancing by request rate.
I remember compliance question was in "Associate Cloud Engineer Certification Learning Path". And I answered SSL Proxy Load Balancer but it was incorrect. Correct answer is A.
C. SSL Proxy Load Balancer
The SSL Proxy Load Balancer is designed specifically for SSL-encrypted traffic and provides SSL termination, minimizing latency for clients worldwide by handling SSL connections efficiently. This load balancer is suitable for applications that receive SSL-encrypted TCP traffic on port 443, making it a good choice for the scenario.
Correct answer is C.
External proxy load balancer supports global and regional scope. While external passthrough network load balancer supports regional scope.
It's not about TCP Traffic. It's about minimizing latency, so in order to achieve that we need to use SSL termination which is a feature of the SSL Proxy LB.
Answer is A
From this Link:
https://cloud.google.com/load-balancing/docs/ssl
it states this:
External SSL proxy load balancers are intended for non-HTTP(S) traffic. For HTTP(S) traffic, we recommend that you use an external HTTP(S) load balancer.
443 is HTTPS traffic
for those saying 443 isn't https
https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=443
Go for C. We are taking an exam, so read the question smart. For HTTPS traffic use HTTPS load balancer. For non-HTTP traffic, use SSL Proxy Load Balancer. (https://cloud.google.com/load-balancing/docs/ssl). Network Load Balancer (External TCP/UDP network load balancer) for regional pass-through traffic (https://cloud.google.com/load-balancing/docs/network). Here it mentioned SSL-encrypted TCP traffic all over the world, go for SSL proxy load balancer. Read the keyword "SSL-encrypted TCP" and "all over the world". Keep it simple, don't overcomplicate it for yourself.
The answer is C.
"SSL encrypted TCP" traffic is not exactly SSL traffic. SSL encrypted TCP traffic is usually used for non-HTTP applications.
Port 443 is supported by SSL proxy load balancer so this isn't what will differentiate the two for us. The main part here is "SSL encrypted TCP" traffic.
C. SSL Proxy Load Balancer would be the best option for minimizing latency for the clients, as it terminates SSL traffic and forwards unencrypted traffic directly to the backend instances. This reduces the amount of processing and latency associated with SSL encryption/decryption. Additionally, because the clients are located all over the world, using a global SSL Proxy Load Balancer can distribute traffic to the closest backend instances for the clients, further reducing latency.
A. HTTPS Load Balancer
The HTTPS Load Balancer is the best option for minimizing latency for clients located all over the world. HTTPS Load Balancer provides a global solution for load balancing secure (SSL/TLS) traffic, including the ability to distribute traffic to backend instances based on IP address, based on request content, or both. It is designed to handle encrypted traffic and can terminate SSL/TLS connections, making it the optimal choice for an application that receives SSL-encrypted TCP traffic on port 443. Additionally, HTTPS Load Balancer has built-in features to minimize latency, such as support for HTTP/2 and connection multiplexing, which can reduce the number of connections and round trips required to complete a request.
A:
Although HTTPS and SSL Proxy load balancers can both be used for global external load balancing, for HTTP(S) traffic, Google recommends that you use HTTP(S) Load Balancing.
https://cloud.google.com/load-balancing/docs/ssl
To add further clarity, Google documentation says:
"External SSL Proxy Load Balancing is intended for non-HTTP(S) traffic. For HTTP(S) traffic, we recommend that you use HTTP(S) Load Balancing."
Port 443 (mentioned in the question) is for HTTPS
https://cloud.google.com/load-balancing/docs/ssl
You are assuming that this is HTTPS traffic. But from the question we know that it is SSL-encrypted TCP, so we can't use HTTPS load balancer. Moreover, we will be missing HTTP data for URL map.
In Google Cloud, if your application is using HTTP or HTTPS protocols on port 443, an HTTPS Load Balancer is recommended. If it uses encrypted TCP without HTTP, the SSL Proxy Load Balancer is a better fit.
This is a tricky question.
First point to consider is the port. TCP 443 port is used for HTTPS traffic.
Second: SSL Proxy LB is intended for non-HTTPS traffic, and for HTTPS traffic it should be the global HTTPS LB.
Answer is A : HTTPS Load Balancer.