Q47 — AWS SAA-C03 第3章
第 47/65 题 | ← 返回第3章
Q177.一家公司为其企业网站使用流行的内容管理系统 (CMS).然而,所需的补丁和维护工作十分繁重.该公司正在重新设计其网站并需要一个新的解决方案.该网站每年更新四次,不需要有任何可用的动态内容.该解决方案必须提供高可扩展性和增强的安全性.哪些更改组合将以最少的运营开销满足这些要求? (选择两个.)
- A. 在网站前面配置 Amazon CloudFront 以使用 HTTPS 功能. ✓
- B. 在网站前面部署一个AWS WAF web ACL,提供HTTPS功能.
- C. 创建和部署 AWS Lambda 函数来管理和提供网站内容.
- D. 创建新网站和一个 Amazon S3 存储桶.在启用静态网站托管的情况下将网站部署在 S3 存储桶上. ✓
- E. 创建新网站.使用 Application Load Balancer 后面的 Amazon EC2 实例的 Auto Scaling 组部署网站.
正确答案: A. 在网站前面配置 Amazon CloudFront 以使用 HTTPS 功能., D. 创建新网站和一个 Amazon S3 存储桶.在启用静态网站托管的情况下将网站部署在 S3 存储桶上.
解析
To provide a new solution that meets the requirements of scalability and enhanced security, with the least operational overhead, a company should deploy an Amazon S3 bucket to host the website content and configure Amazon CloudFront in front of it to use HTTPS functionality. Therefore, options A and D are the correct answers.Option B suggests deploying an AWS WAF web ACL in front of the website to provide HTTPS functionality. While this approach adds more security compared to using Amazon CloudFront, it requires more configuration management and may be more expensive.Option C suggests creating and deploying an AWS Lambda function to manage and serve the website content. While this approach provides serverless architecture and can reduce operational overhead, it may not provide the desired scalability and may require additional configuration for high availability.Option E suggests deploying the website by using an Auto Scaling group of Amazon EC2 instances behind an Application Load Balancer. While this approach provides scalability, it requires more operational overhead compared to using Amazon S3 and Amazon CloudFront.By deploying the website on an Amazon S3 bucket with static website hosting enabled, the company can benefit from the simplicity, durability, and low cost of Amazon S3. Amazon CloudFront can be configured in front of the S3 bucket to provide scalability, caching, and HTTPS functionality with minimal operational overhead. This approach meets the requirements and is highly secure as it uses industry-standard SSL/TLS certificates to encrypt data in transit between CloudFront and end-users. 为了提供满足可扩展性和增强安全性要求的新解决方案,公司应该部署Amazon S3桶来托管网站内容,并在其前面配置Amazon CloudFront以使用HTTPS功能。因此,选项A和D是正确答案。选项B建议在网站前面部署AWS WAF web ACL,以提供HTTPS功能。虽然与使用Amazon CloudFront相比,这种方法增加了更多的安全性,但它需要更多的配置管理,并且可能更昂贵。选项C建议创建和部署AWS Lambda功能来管理和服务网站内容。虽然这种方法提供了无服务器架构并可以减少操作开销,但它可能无法提供所需的可伸缩性,并且可能需要额外的配置来实现高可用性。选项E建议通过在应用程序负载均衡器后面使用Amazon EC2实例的自动伸缩组来部署网站。虽然这种方法提供了可伸缩性,但与使用Amazon S3和Amazon CloudFront相比,它需要更多的操作开销。通过将网站部署在启用静态网站托管的Amazon S3存储桶上,公司可以从Amazon S3的简单性、持久性和低成本中受益。Amazon CloudFront可以在S3存储桶前面配置,以最小的操作开销提供可伸缩性、缓存和HTTPS功能。这种方法既满足需求,又非常安全,因为它使用行业标准的SSL/TLS证书对CloudFront和最终用户之间传输的数据进行加密。