A company has two web applications that run on Amazon EC2 and Amazon S3. The applications failed an HTTP security audit, and users are reporting latency issues. The applications need to deliver web content at low latencies while improving security and privacy for users and content providers. The company must implement a solution that does not require changes to the application code. Which combination of actions should the company take to meet these requirements? (Choose two.)

Topic #: - All AWS Certified Security - Specialty Questions

A. Deploy Amazon API Gateway. Cache the endpoint’s responses.
B. Configure Amazon API Gateway with a request parameter-based AWS Lambda authorizer to add HTTP security headers on origin responses.
C. Write a Lambda@Edge function to add HTTP security headers on origin responses. Most Voted
D. Configure Amazon CloudFront. Create a distribution for the EC2 and S3 origins. Most Voted
E. Implement an Application Load Balancer (ALB) to honor the connection header from the incoming client request after forwarding the response back to the client.

- Awsexamhub website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

Suggested Answer:

Share this post

Join the Discussion