🔥 40% Off Crucial Exams Memberships — This Week Only

2 days, 11 hours remaining!
Crucial Exams

ISC2 Systems Security Certified Practitioner (SSCP) Practice Question

An online retailer is deploying a public-facing web application on Amazon EC2 instances behind an Application Load Balancer (ALB). Compliance mandates that every customer connection must use HTTPS with TLS 1.2 or later only and that server certificates be issued and renewed automatically with no downtime or manual effort. Which solution best meets these requirements?

  • Terminate TLS at an Amazon CloudFront distribution using an ACM certificate, then forward traffic over HTTP to the ALB listening on port 80 to reduce latency.

  • Request a public certificate from AWS Certificate Manager, attach it to an ALB HTTPS listener configured with an AWS security policy that permits only TLS 1.2+, and add an ALB rule that redirects HTTP requests to HTTPS.

  • Install self-signed certificates on every EC2 instance and configure a TCP listener on the ALB that forwards port 443 traffic directly to the instances.

  • Purchase a public TLS certificate, import it into AWS Certificate Manager, and attach it to an ALB HTTPS listener that enforces the ELBSecurityPolicy-TLS-1-2-Ext-2018-06 cipher suite.

ISC2 Systems Security Certified Practitioner (SSCP)
Cryptography
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot