ANS-C01 Question #33: Real Exam Question with Answer & Explanation

Sign in or unlock ANS-C01 to reveal the answer and full explanation for question #33. The question stem and answer options stay visible for context.

Submitted by salim_om· Mar 6, 2026Design and Implement Security and Compliance for Networks

Question

A network engineer must provide additional safeguards to protect encrypted data at Application Load Balancers (ALBs) through the use of a unique random session key. What should the network engineer do to meet this requirement?

Options

AChange the ALB security policy to a policy that supports TLS 1.2 protocol only
BUse AWS Key Management Service (AWS KMS) to encrypt session keys
CAssociate an AWS WAF web ACL with the ALBs. and create a security rule to enforce forward
DChange the ALB security policy to a policy that supports forward secrecy (FS)

Unlock ANS-C01 to see the answer

You've previewed enough free ANS-C01 questions. Unlock ANS-C01 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock ANS-C01 - $49.99 / 30 days Sign in

Topics

#ALB security policy#Forward Secrecy#TLS encryption#Session key protection

Full ANS-C01 Practice Browse All ANS-C01 Questions