nerdexam
Amazon

DVA-C02 · Question #164

An organization is using Amazon CloudFront to ensure that its users experience low-latency access to its web application. The organization has identified a need to encrypt all traffic between users an

The correct answer is B. Set the Origin Protocol Policy to "HTTPS Only". D. Set the Viewer Protocol Policy to "HTTPS Only" or "Redirect HTTP to HTTPS".. B: Setting the Origin Protocol Policy to "HTTPS Only" ensures that CloudFront always uses HTTPS to connect to the origin, which is the web application in this scenario. D: Setting the Viewer Protocol Policy to "HTTPS Only" ensures that CloudFront will only serve requests over HTT

Submitted by rania.sa· Mar 5, 2026Security

Question

An organization is using Amazon CloudFront to ensure that its users experience low-latency access to its web application. The organization has identified a need to encrypt all traffic between users and CloudFront, and all traffic between CloudFront and the web application. How can these requirements be met? (Choose two.)

Options

  • AUse AWS KMS to encrypt traffic between CloudFront and the web application.
  • BSet the Origin Protocol Policy to "HTTPS Only".
  • CSet the Origin's HTTP Port to 443.
  • DSet the Viewer Protocol Policy to "HTTPS Only" or "Redirect HTTP to HTTPS".
  • EEnable the CloudFront option Restrict Viewer Access.

How the community answered

(27 responses)
  • A
    15% (4)
  • B
    74% (20)
  • C
    4% (1)
  • E
    7% (2)

Explanation

B: Setting the Origin Protocol Policy to "HTTPS Only" ensures that CloudFront always uses HTTPS to connect to the origin, which is the web application in this scenario. D: Setting the Viewer Protocol Policy to "HTTPS Only" ensures that CloudFront will only serve requests over HTTPS. Setting it to "Redirect HTTP to HTTPS" ensures that any HTTP request from viewers is redirected to HTTPS.

Community Discussion

No community discussion yet for this question.

Full DVA-C02 Practice