A user is trying to setup a security policy for ELB. The user wants ELB to meet the cipher supported by the
client by configuring the server order preference in ELB security policy. Which of the below mentioned
preconfigured policies supports this feature?
A.
ELBSecurity Policy-2014-01
B.
ELBSecurity Policy-2011-08
C.
ELBDefault Negotiation Policy
D.
ELBSample- OpenSSLDefault Cipher Policy
Explanation:
Elastic Load Balancing uses a Secure Socket Layer (SSL. negotiation configuration which is known as a
Security Policy. It is used to negotiate the SSL connections between a client and the load balancer. If the load
balancer is configured to support the Server Order Preference, then the load balancer gets to select the first
cipher in its list that matches any one of the ciphers in the client’s list. When the user verifies thepreconfigured policies supported by ELB, the policy “ELBSecurity Policy-2014-01” supports server order
preference.
A
Agree – hope the similar questions won’t be asked during the job interviews 🙂
A is correct, but what a nasty question.
http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-policy-table.html
Agree – hope the similar questions won’t be asked during the job interviews
a
“ELB Security Policy-2016-08” latest preconfigured policy is currently supported.
A – see this table:
http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-policy-table.html