Q18 — AWS ANS-C01 Ch.1

Question 18 of 100 | ← Chapter 1

A company is deploying a new application in the AWS Cloud. The company wants a highly available web server that will sit behind an Elastic Load Balancer. The load balancer will route requests to multiple target groups based on the URL in the request. All tra¨c must use HTTPS. TLS Processing must be o©oaded to the load balancer. The web server must know the user’s IP address so that the company can keep accurate logs For security purposes. Which solution will meet these requirements?

Correct Answer: A. Deploy an Application Load Balancer with an HTTPS listener. Use path-based routing rules to forward the tra¨c to the correct target group. Include the X-Forwarded-For request header with tra¨c to the targets.

Explanation

此题要求部署一个高度可用的Web服务器,该服务器需位于AWSCloud中的ElasticLoadBalancer之后。主要要求包括使用HTTPS、将TLS处理卸载到负载均衡器、以及确保Web服务器能获取用户IP地址以记录日志。A选项:部署一个ApplicationLoadBalancer(ALB),它支持HTTPS监听器,可以使用基于路径的路由规则将流量转发到正确的目标组,并通过包含X-Forwarded-For请求头来传递原始客户端IP地址给后端服务器,符合所有要求。B选项:虽然也使用了ALB和HTTPS监听器,但每个域名都需要一个单独的监听器,这在题目中没有明确要求,且增加了复杂性。C选项:NetworkLoadBalancer(NLB)不支持基于路径的路由规则,且通常用于更高层的网络协议(如TCP/UDP),不适合HTTP/HTTPS场景。D选项:同样使用了NLB,且每个域名需要一个单独的TLS监听器,增加了不必要的复杂性,并且NLB不支持直接传递客户端IP到后端服务器(除非使用特定配置,但题目未提及)。因此,A选项是最佳解决方案。 查看全部