AWS Certified SysOps Administrator – Associate (legacy) — Question 857

A user has configured ELB with SSL using a security policy for secure negotiation between the client and load balancer. Which of the below mentioned SSL protocols is not supported by the security policy?

Answer options

• A. TLS 1.3
• B. TLS 1.2
• C. SSL 2.0
• D. SSL 3.0

Correct answer: A

Explanation

AWS Classic Elastic Load Balancing (ELB) security policies support protocols such as TLS 1.2, TLS 1.1, TLS 1.0, and SSL 3.0 for secure client-to-load-balancer communication. However, traditional ELB security policies do not support TLS 1.3. While SSL 2.0 is also deprecated and insecure, TLS 1.3 is explicitly not supported by these predefined ELB SSL configurations.