Topic 1 Question 123
A company has a dynamic web application hosted on two Amazon EC2 instances. The company has its own SSL certificate, which is on each instance to perform SSL termination. There has been an increase in traffic recently, and the operations team determined that SSL encryption and decryption is causing the compute capacity of the web servers to reach their maximum limit. What should a solutions architect do to increase the application's performance?
Create a new SSL certificate using AWS Certificate Manager (ACM). Install the ACM certificate on each instance.
Create an Amazon S3 bucket Migrate the SSL certificate to the S3 bucket. Configure the EC2 instances to reference the bucket for SSL termination.
Create another EC2 instance as a proxy server. Migrate the SSL certificate to the new instance and configure it to direct connections to the existing EC2 instances.
Import the SSL certificate into AWS Certificate Manager (ACM). Create an Application Load Balancer with an HTTPS listener that uses the SSL certificate from ACM.
ユーザの投票
コメント(8)
- 正解だと思う選択肢: D
This issue is solved by SSL offloading, i.e. by moving the SSL termination task to the ALB. https://aws.amazon.com/blogs/aws/elastic-load-balancer-support-for-ssl-termination/
👍 11123jhl02022/10/19 - 正解だと�思う選択肢: D
The correct answer is D. To increase the application's performance, the solutions architect should import the SSL certificate into AWS Certificate Manager (ACM) and create an Application Load Balancer with an HTTPS listener that uses the SSL certificate from ACM.
An Application Load Balancer (ALB) can offload the SSL termination process from the EC2 instances, which can help to increase the compute capacity available for the web application. By creating an ALB with an HTTPS listener and using the SSL certificate from ACM, the ALB can handle the SSL termination process, leaving the EC2 instances free to focus on running the web application.
👍 4Buruguduystunstugudunstuy2022/12/27 - 正解だと思う選択肢: D
SSL termination is the process of ending an SSL/TLS connection. This is typically done by a device, such as a load balancer or a reverse proxy, that is positioned in front of one or more web servers. The device decrypts incoming SSL/TLS traffic and then forwards the unencrypted request to the web server. This allows the web server to process the request without the overhead of decrypting and encrypting the traffic. The device then re-encrypts the response from the web server and sends it back to the client. This allows the device to offload the SSL/TLS processing from the web servers and also allows for features such as SSL offloading, SSL bridging, and SSL acceleration.
👍 4remand2023/01/17
シャッフルモード