Q43 — AWS ANS-C01 Ch.1

Question 43 of 100 | ← Chapter 1

A company has developed a new web application on AWS. The application runs on Amazon Elastic Container Service (Amazon ECS) on AWS Fargate behind an Application Load Balancer (ALB) in the us-east-1 Region. The application uses Amazon Route 53 to host the DNS records for The domain. The content that is served from the website is mostly static images and files that are not updated frequently. Most of the traffic to the Website from end users will originate from the United States. Some traffic will originate from Canada and Europe.A network engineer needs to design a solution that will reduce latency for end users at the lowest cost. The solution also must ensure that all Traffic is encrypted in transit until the traffic reaches the ALB. Which solution will meet these requirements?

Correct Answer: C. Configure the ALB to use a secure HTTPS listener. Create an Amazon CloudFront distribution. Set the origin domain name to point to the DNS record that is assigned to the ALB. Configure the CloudFront distribution to use an SSL certificate and redirect HTTP to HTTPS. Create an Alias record in Amazon Route 53 for the custom domain name. Configure the alias record to route to the CloudFront distribution.

Explanation

该题考察利用AWS服务优化静态内容分发及传输加密能力。AWS文档指出,Amazon CloudFront作为CDN可将静态内容缓存至边缘节点,降低延迟并减少源站负载。同时,CloudFront支持强制HTTPS及SSL证书管理,确保端到端加密。选项C正确配置CloudFront分发,将ALB设为源站,启用SSL并重定向HTTP到HTTPS,Route53别名指向CloudFront。此方案利用CDN缓存降低跨国延迟,符合成本优化要求。其他选项未有效结合CDN缓存或存在冗余资源配置,无法同时满足延迟与成本需求。