AWS Certified SysOps Administrator – Associate (legacy) — Question 486

A SysOps Administrator manages a website running on Amazon EC2 instances behind an ELB Application Load Balancer. Users visiting the load balancer's DNS address in a browser are reporting errors. The administrator has confirmed:
✑ The security groups and network ACLs are correctly configured.
✑ The load balancer target group shows no healthy instances.
What should the Administrator do to resolve this issue?

Answer options

• A. Review the application's logs for requests originating from the VPC DNS address.
• B. Review the load balancer access logs, looking for any issues or errors.
• C. Review the load balancer target group health check configuration.
• D. Review the load balancer listener configuration.

Correct answer: B

Explanation

Reviewing the load balancer access logs is the most effective way to identify the exact nature of the errors and connection failures between the client, load balancer, and backend targets. While target group health check settings are a common point of failure, access logs provide the detailed request and response metadata needed to diagnose why the instances are reported as unhealthy. Other choices, such as checking listeners or looking for VPC DNS requests in application logs, do not directly reveal the failure reasons of the target instances.