AWS Certified SysOps Administrator – Associate — Question 319

Users are reporting consistent forced logouts from a stateful web application. The logouts occur before the expiration of a 15-minute application logout timer.

The web application is hosted on Amazon EC2 instances that are in an Auto Scaling group. The instances run behind an Application Load Balancer (ALB) that has a single target group. The ALB is configured as the origin in an Amazon CloudFront distribution. Session affinity (sticky sessions) is already enabled on the ALB target group and uses duration-based cookies. The web application generates its own application cookie.

Which combination of actions should a SysOps administrator take to resolve the logout problem? (Choose two.)

Answer options

• A. Change to the least outstanding requests algorithm on the ALB target group.
• B. Configure cookie forwarding in the CloudFront distribution's cache behavior settings.
• C. Configure the duration-based cookie to be named AWSALB.
• D. Configure the ALB to use the expiration cookie header.
• E. Change the ALB to use application-based cookies.

Correct answer: B, E

Explanation

To resolve the session state issues, the ALB should be configured to use application-based cookies (Option E) so that sticky sessions are bound to the application's own session lifecycle rather than an arbitrary duration. Additionally, because CloudFront is positioned in front of the ALB, cookie forwarding must be enabled in the CloudFront cache behavior (Option B) to ensure that session cookies are not stripped and successfully reach the origin ALB. Using duration-based cookies or changing the load balancing algorithm will not address the disconnection between the application's session state and CloudFront/ALB routing.