ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your company is launching a customer-facing REST API on AWS. During the architecture review, you must show which design decision specifically addresses the availability element of the CIA triad. The workload uses Amazon EC2 instances behind an Application Load Balancer. Which of the following choices BEST demonstrates that the API will remain accessible and responsive during component failures?
Require TLS 1.2 for all client connections to encrypt traffic between clients and the API endpoints.
Protect the Application Load Balancer with AWS WAF configured to block SQL injection and cross-site scripting attacks.
Deploy EC2 instances across two Availability Zones, register them with the load balancer's target group, and enable Auto Scaling health checks to replace unhealthy instances automatically.
Enable AWS CloudTrail and store the logs in an S3 bucket with Object Lock to preserve evidence for forensic investigations.
Availability is concerned with ensuring that authorized users have timely and reliable access to systems and data. Placing EC2 instances in multiple Availability Zones and enabling health-check-based Auto Scaling provides redundancy and automatic failover, so the service continues to operate if one instance or an entire AZ becomes unavailable. Requiring TLS 1.2 protects data in transit and supports confidentiality and integrity, not availability. AWS WAF rules mitigate common web attacks, contributing primarily to integrity and confidentiality. Storing CloudTrail logs with Object Lock supports accountability and non-repudiation rather than keeping the API reachable. Therefore, distributing resources across AZs with automatic recovery is the option that best fulfills the availability objective.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of Auto Scaling health checks in AWS?
Open an interactive chat with Bash
What are Availability Zones in AWS and how do they improve service reliability?
Open an interactive chat with Bash
How does an Application Load Balancer contribute to availability in AWS?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Security Concepts and Practices
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .