Topic 1 Question 122

AWS Certified Advanced Networking - Specialty

Topic 1 Question 122
A company is deploying a new stateless web application on AWS. The web application will run on Amazon EC2 instances in private subnets behind an Application Load Balancer. The EC2 instances are in an Auto Scaling group. The web application has a stateful management application for administration that will run on EC2 instances that are in a separate Auto Scaling group.

The company wants to access the management application by using the same URL as the web application, with a path prefix of/management. The protocol, hostname, and port number must be the same for the web application and the management application. Access to the management application must be restricted to the company's on-premises IP address space. An SSL/TLS certificate from AWS Certificate Manager (ACM) will protect the web application.

Which combination of steps should a network engineer take to meet these requirements?

2 つ選択
- Insert a rule for the load balancer HTTPS listener. Configure the rule to check the path-pattern condition type for the /management prefix and to check the source-ip condition type for the on-premises IP address space. Forward requests to the management application target group if there is a match. Edit the management application target group and enable stickiness.
- Modify the default rule for the load balancer HTTPS listener. Configure the rule to check the path-pattern condition type for the /management prefix and to check the source-ip condition type for the on-premises IP address space. Forward requests to the management application target group if there is not a match. Enable group-level stickiness in the rule attributes.
- Insert a rule for the load balancer HTTPS listener. Configure the rule to check the path-pattern condition type for the /management prefix and to check the X-Forwarded-For HTTP header for the on-premises IP address space. Forward requests to the management application target group if there is a match. Enable group-level stickiness in the rule attributes.
- Modify the default rule for the load balancer HTTPS listener. Configure the rule to check the path-pattern condition type for the /management prefix and to check the source-ip condition type for the on-premises IP address space. Forward requests to the web application target group if there is not a match.
- Forward all requests to the web application target group. Edit the web application target group and disable stickiness.
ユーザの投票
コメント(7)
- 正解だと思う選択肢: AE
  DEFAULT RULES CANNOT HAVE CONDITIONS so B & D are out. Changing to A & E.
  
  A to forward people to managment with stickiness E to forward people to the web application without stickiness
  
  https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html
  
  👍 11
  Certified1012023/08/03
- 正解だと思う選択肢: AD
  AD is correct. Default rule does not need stickiness because it is stateless
  
  👍 7
  papercuts232023/06/12
- https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html
  
  👍 1
  ISSDoksim2023/07/31
シャッフルモード

ユーザの投票

コメント(7)