SCS-C03 Question #110: Real Exam Question with Answer & Explanation

Question

A security engineer is designing a solution that will provide end-to-end encryption between clients and Docker containers running in Amazon Elastic Container Service (Amazon ECS). This solution will also handle volatile traffic patterns. Which solution would have the MOST scalability and LOWEST latency?

Options

• AConfigure a Network Load Balancer to terminate the TLS traffic and then re-encrypt the traffic to
• BConfigure an Application Load Balancer to terminate the TLS traffic and then re-encrypt the traffic
• CConfigure a Network Load Balancer with a TCP listener to pass through TLS traffic to the
• DConfigure Amazon Route 53 to use multivalue answer routing to send traffic to the containers.

Explanation

A Network Load Balancer (NLB) with a TCP listener is the best solution in this case because: Scalability: The NLB is designed to handle large volumes of traffic with low latency. It operates at the connection level (Layer 4), which allows it to scale efficiently, especially under volatile traffic Low latency: By passing through TLS traffic directly to the containers without terminating the connection, the NLB avoids the overhead of decrypting and re-encrypting traffic. This minimizes latency and ensures faster communication between clients and containers. This setup allows for end-to-end encryption (TLS) without needing to handle encryption termination and re-encryption at the load balancer level, which would add unnecessary complexity and processing time.

No community discussion yet for this question.