ANS-C01 · Question #182
ANS-C01 Question #182: Real Exam Question with Answer & Explanation
The correct answer is B: Import the third-party certificate for the ALB into AWS Certificate Manager (ACM) in us-west-2.. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cnames-and-https- requirements.html
Question
A company has an order processing system that needs to keep credit card numbers encrypted. The company's customer-facing application runs as an Amazon Elastic Container Service (Amazon ECS) service behind an Application Load Balancer (ALB) in the us-west-2 Region. An Amazon CloudFront distribution is configured with the ALB as the origin. The company uses a third-party trusted certificate authority to provision its certificates. The company is using HTTPS for encryption in transit. The company needs additional field-level encryption to keep sensitive data encrypted during processing so that only certain application components can decrypt the sensitive data. Which combination of steps will meet these requirements? (Choose two.)
Options
- AImport the third-party certificate for the ALB. Associate the certificate with the ALB. Upload the
- BImport the third-party certificate for the ALB into AWS Certificate Manager (ACM) in us-west-2.
- CUpload the private key that handles the encryption of the sensitive data to the CloudFront
- DUpload the public key that handles the encryption of the sensitive data to the CloudFront
- EUpload the public key that handles the encryption of the sensitive data to the CloudFront
Explanation
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cnames-and-https- requirements.html
Topics
Community Discussion
No community discussion yet for this question.