AWS Certified SysOps Administrator – Associate — Question 94

A company plans to run a public web application on Amazon EC2 instances behind an Elastic Load Balancer (ELB). The company’s security team wants to protect the website by using AWS Certificate Manager (ACM) certificates. The ELB must automatically redirect any HTTP requests to HTTPS.

Which solution will meet these requirements?

Answer options

• A. Create an Application Load Balancer that has one HTTPS listener on port 80. Attach an SSL/TLS certificate to listener port 80. Create a rule to redirect requests from HTTP to HTTPS.
• B. Create an Application Load Balancer that has one HTTP listener on port 80 and one HTTPS protocol listener on port 443. Attach an SSL/TLS certificate to listener port 443. Create a rule to redirect requests from port 80 to port 443.
• C. Create an Application Load Balancer that has two TCP listeners on port 80 and port 443. Attach an SSL/TLS certificate to listener port 443. Create a rule to redirect requests from port 80 to port 443.
• D. Create a Network Load Balancer that has two TCP listeners on port 80 and port 443. Attach an SSL/TLS certificate to listener port 443. Create a rule to redirect requests from port 80 to port 443.

Correct answer: B

Explanation

Option B is correct because it properly configures an Application Load Balancer with an HTTP listener on port 80 and an HTTPS listener on port 443, allowing for the implementation of a redirection rule from HTTP to HTTPS and the use of an SSL/TLS certificate. Options A and C incorrectly set the HTTPS listener and do not provide the right configuration for redirection. Option D uses a Network Load Balancer instead of an Application Load Balancer, which does not support HTTP-to-HTTPS redirection in the same manner.