🔥 3-day streak
AWS Certified Security - Specialty1 / 184
Question 1 of 184

A security team runs a public-facing web application behind an Application Load Balancer (ALB) that terminates TLS using a certificate provisioned by AWS Certificate Manager (ACM). A PCI DSS audit requires that the application no longer negotiate TLS 1.0 or TLS 1.1 and must reject weak ciphers, while still supporting modern browsers. What is the MOST appropriate action to enforce this requirement?

Reviewed for accuracy · Report an issueNext question