Your company is planning to use AWS EC2 and ELB for deployment for their web applications.
The security policy mandates that all traffic should be encrypted.
Which of the following options will ensure that this requirement is met? Choose 2 answers from the options below.
Click on the arrows to vote for the correct answer
A. B. C. D.Answer- B and C.
The AWS Documentation mentions the following.
You can create a load balancer that listens to the HTTP (80) and HTTPS (443) ports.
If you specify that the HTTPS listener sends requests to the instances on port 80, the load balancer terminates the requests, and communication from the load balancer to the instances is not encrypted.
If the HTTPS listener sends requests to the instances on port 443, communication from the load balancer to the instances is encrypted.
Option A is invalid because there is a need for secure traffic.
So port 80 should not be used.
Option D is invalid because, for the HTTPS listener, you need to use port 443.
For more information on HTTPS with ELB, please refer to the below link.
https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-create-https-ssl-load-balancer.htmlTo meet the security policy requirement of encrypting all traffic for web applications deployed on EC2 instances with an ELB load balancer, you should choose options B and C.
Option A is incorrect because listening on port 80 means that traffic is not encrypted, as this is the standard HTTP port, and HTTP traffic is not encrypted.
Option B is correct because listening on port 443 means that traffic is encrypted, as this is the standard HTTPS port.
Option C is correct because sending requests to the instances on port 443 means that the traffic is encrypted from the load balancer to the instances.
Option D is incorrect because sending requests to the instances on port 80 means that traffic is not encrypted.
Therefore, to ensure that all traffic for your web applications is encrypted, you should ensure that the load balancer listens on port 443 and that the HTTPS listener sends requests to the instances on port 443.