AWS Certified Security – Specialty — Question 184

Which of the following are valid configurations for using SSL certificates with Amazon CloudFront? (Choose three.)

Answer options

• A. Default AWS Certificate Manager certificate
• B. Custom SSL certificate stored in AWS KMS
• C. Default CloudFront certificate
• D. Custom SSL certificate stored in AWS Certificate Manager
• E. Default SSL certificate stored in AWS Secrets Manager
• F. Custom SSL certificate stored in AWS IAM

Correct answer: C, D, F

Explanation

The correct answers are C, D, and F because the Default CloudFront certificate (C) can be used for custom domains, the Custom SSL certificate stored in AWS Certificate Manager (D) is a standard practice for managing SSL, and Custom SSL certificates stored in AWS IAM (F) are also supported. Options A, B, and E are incorrect as they do not represent valid configurations for SSL certificates with CloudFront.