🔥 3-day streak
AWS Certified Advanced Networking - Specialty1 / 141
Question 1 of 141

A financial services company runs a public-facing web application behind an internet-facing Application Load Balancer (ALB) with an HTTPS listener using an ACM certificate. A compliance audit requires that all TLS connections enforce forward secrecy and disallow any TLS versions below 1.2. The security team must ensure that the ALB rejects clients that cannot negotiate a cipher supporting forward secrecy, while minimizing operational overhead. What is the MOST appropriate action?

Reviewed for accuracy · Report an issueNext question