Which of the following are valid configurations for using SSL certificates with Amazon CloudFront? (Select THREE)
A. Default AWS Certificate Manager certificate
B. Custom SSL certificate stored in AWS KMS
C. Default CloudFront certificate
D. Custom SSL certificate stored in AWS Certificate Manager
E. Default SSL certificate stored in AWS Secrets Manager
F. Custom SSL certificate stored in AWS IAM
Answer: CDF
Explanation:
Here are the valid configurations for using SSL certificates with Amazon CloudFront:
A. Default AWS Certificate Manager certificate
Yes, you can use the certificates provided by the AWS Certificate Manager (ACM) with CloudFront. ACM handles the complexity of creating and managing public SSL/TLS certificates for your AWS based websites and applications.
B. Custom SSL certificate stored in AWS KMS
No, AWS Key Management Service (KMS) is not used for storing SSL certificates. It is primarily used for creating and controlling encryption keys.
C. Default CloudFront certificate
Yes, CloudFront provides default SSL certificates that can be used for your distribution. When you use the CloudFront domain name in your URLs (like d12345abcdefg.cloudfront.net), the distribution uses a CloudFront certificate.
D. Custom SSL certificate stored in AWS Certificate Manager
Yes, you can upload custom SSL certificates to AWS Certificate Manager (ACM) and use them with your CloudFront distribution. Using ACM is a good practice because it helps in managing the renewal and deployment of certificates seamlessly.
E. Default SSL certificate stored in AWS Secrets Manager
No, AWS Secrets Manager is not used for storing default SSL certificates. It is primarily used to manage sensitive information, including secrets and database credentials.
F. Custom SSL certificate stored in AWS IAM
Yes, before AWS Certificate Manager became the preferred way to upload and manage custom SSL certificates, IAM was used to upload and manage custom SSL certificates for use with various AWS services, including CloudFront.
Therefore, the valid configurations are options A, C, and D.
Latest SCS-C02 Dumps Valid Version with 235 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund