A company runs a web application on EC2 instances in an Auto Scaling group behind a target group. The application requires session affinity (sticky sessions). The application must be publicly available and protected by AWS WAF. Which combination of steps will meet these requirements? (Choose two.)
Choose an answer
Tap an option to check your answer.
Correct answer: Create a public Application Load Balancer. Specify the application target group., Create a web ACL in AWS WAF. Associate the web ACL with the endpoint..
Why this is the answer
An Application Load Balancer (ALB) is required because it supports session affinity (sticky sessions) and integrates with AWS WAF. Network Load Balancers (NLBs) and Gateway Load Balancers (GLBs) do not support session affinity at the load balancer level, nor do they integrate directly with AWS WAF for web application protection. Therefore, creating a public Application Load Balancer and specifying the application target group is the correct choice. AWS WAF protects web applications from common web exploits. To protect the application, a web ACL must be created in AWS WAF and associated with the ALB. Creating a second target group or adding Elastic IP addresses to EC2 instances does not address the requirements for session affinity or WAF protection.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed