🔥 3-day streak
AWS Certified Security - Specialty4 / 184
Question 4 of 184

A company runs a public-facing REST API behind an Application Load Balancer (ALB). Security requires that the TLS private key used to terminate connections is never exportable or accessible to administrators, and that certificate renewal happens automatically without operator intervention. The team currently uses a certificate issued by a public third-party certificate authority that they trust. Which approach best meets all requirements?

Reviewed for accuracy · Report an issueNext question