ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty All Questions

View all questions & answers for the AWS Certified Security - Specialty exam
Go to Exam

Exam AWS Certified Security - Specialty topic 1 question 224 discussion

Exam question from Amazon's AWS Certified Security - Specialty
Question #: 224
Topic #: 1
[All AWS Certified Security - Specialty Questions]

Which of the following are valid configurations for using SSL certificates with Amazon CloudFront? (Choose three.)

  • A. Default AWS Certificate Manager certificate
  • B. Custom SSL certificate stored in AWS KMS
  • C. Default CloudFront certificate
  • D. Custom SSL certificate stored in AWS Certificate Manager
  • E. Default SSL certificate stored in AWS Secrets Manager
  • F. Custom SSL certificate stored in AWS IAM
Show Suggested Answer Hide Answer
Suggested Answer: CDF 🗳️
by viestner at March 16, 2021, 5:37 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
DayQuil
Highly Voted 3 years, 9 months ago
C, D, and F. There is no default ACM certificate!
upvoted 26 times
...
cldy
Highly Voted 3 years, 9 months ago
C.D.F. - no default ACM exist.
upvoted 9 times
...
Raphaello
Most Recent 1 year, 4 months ago
Selected Answer: CDF
CDF are the correct answers.
upvoted 1 times
...
Raphaello
1 year, 4 months ago
The only "default" cert is that of CloudFront itself. Then either custom cert on ACM or IAM. CDF
upvoted 1 times
...
Shenannigan
1 year, 9 months ago
Selected Answer: ACD
Based on this I am going with ACD https://repost.aws/knowledge-center/install-ssl-cloudfront
upvoted 3 times
...
Granwizzard
1 year, 12 months ago
Selected Answer: ACD
F is possible but not the best practice for using it with Cloudfront, in my opinion. The certificate must be valid at the time of upload. You can't upload a certificate before its validity period begins or after it expires. https://repost.aws/knowledge-center/import-ssl-certificate-to-iam
upvoted 1 times
...
samCarson
2 years ago
Selected Answer: CDF
Although ACM provides default certificate (option A) but you can only use that for testing and development purposes. You cannot use the default ACM certificate in CloudFront. C. There is a default CloudFront certificate that you can use in CloudFront distributions. When you create a CloudFront distribution, you have the option to choose the default CloudFront certificate, also known as the "Amazon CloudFront Default Certificate. D. Use an ACM certificate: You can request a certificate through ACM or import a certificate from a trusted CA. ACM supports issuing certificates that can be used with CloudFront. F. Use a certificate from the AWS Identity and Access Management (IAM) certificate store: You can upload a certificate directly to IAM and then reference it in CloudFront. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html
upvoted 2 times
...
Urameshi
2 years ago
Selected Answer: CDF
Be in doubt about F at first, but then I saw this post and I agree with CDF https://repost.aws/knowledge-center/import-ssl-certificate-to-iam
upvoted 1 times
...
Urameshi
2 years ago
Be in doubt about F at first, but then I saw this post and I agree with CDF https://repost.aws/knowledge-center/import-ssl-certificate-to-iam
upvoted 1 times
...
pal40sg
2 years, 1 month ago
Selected Answer: ACD
It's worth noting that AWS KMS, AWS Secrets Manager, and AWS IAM are not directly used for configuring SSL certificates with Amazon CloudFront. While AWS KMS and AWS Secrets Manager can be used for managing encryption keys and secrets, respectively, they are not the primary services used for SSL certificate management in CloudFront. Similarly, AWS IAM is not used for storing SSL certificates for CloudFront.
upvoted 2 times
...
Jimmy123
2 years, 5 months ago
Selected Answer: ADF
here is no such thing as a "default CloudFront certificate" in AWS. CloudFront does not have its own certificate, it uses certificates from either AWS Certificate Manager or a custom SSL certificate stored in the AWS IAM. So option C is not correct.
upvoted 3 times
ksaru
2 years, 2 months ago
Check this to confirm on Default CloudFront Certificate - Option C is definitely correct. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cnames-and-https-revert-to-cf-certificate.html
upvoted 1 times
...
...
dcasabona
2 years, 11 months ago
Selected Answer: CDF
I agree with C, D and F.
upvoted 1 times
...
sapien45
2 years, 11 months ago
Selected Answer: CDF
Default CF certificate and not default AWS ACM certificate
upvoted 1 times
...
gofavad926
2 years, 11 months ago
Selected Answer: CDF
Agree with C, D, F answer
upvoted 1 times
...
Appsec977
3 years ago
Selected Answer: CDF
Cannot deny the answer.
upvoted 1 times
...
TigerInTheCloud
3 years, 2 months ago
Selected Answer: CDF
Others are wrong
upvoted 1 times
...
RaySmith
3 years, 4 months ago
C, D and F is correct
upvoted 2 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel