AWS Certified SysOps Administrator – Associate — Question 202

A company is managing a website with a global user base hosted on Amazon EC2 with an Application Load Balancer (ALB). To reduce the load on the web servers, a SysOps administrator configures an Amazon CloudFront distribution with the ALB as the origin. After a week of monitoring the solution, the administrator notices that requests are still being served by the ALB and there is no change in the web server load.

What are possible causes for this problem? (Choose two.)

Answer options

• A. CloudFront does not have the ALB configured as the origin access identity.
• B. The DNS is still pointing to the ALB instead of the CloudFront distribution.
• C. The ALB security group is not permitting inbound traffic from CloudFront.
• D. The default, minimum, and maximum Time to Live (TTL) are set to 0 seconds on the CloudFront distribution.
• E. The target groups associated with the ALB are configured for sticky sessions.

Correct answer: B, D

Explanation

The correct answers are B and D. If the DNS is still pointing to the ALB, requests will bypass CloudFront entirely, resulting in no change to the server load. Additionally, setting the TTL to 0 seconds means that CloudFront will not cache responses, causing it to always forward requests to the ALB. The other options do not directly relate to why the ALB is still receiving requests.