A company runs a high-traffic web application on EC2 instances behind an ALB. They are experiencing performance bottlenecks during peak hours. The Solutions Architect analyzes the VPC Flow Logs and CloudWatch metrics and notices that the EC2 instances are spending a significant amount of CPU cycles establishing TLS connections with the ALB. How can the architect improve performance?

Answer options:

Replace the ALB with a Network Load Balancer (NLB).

Change the ALB target group protocol from HTTPS to HTTP.

Increase the size of the EC2 instances.

Enable SSL Session Tickets on the EC2 instances.

How to approach this question

Identify the concept of TLS offloading.

Full Answer

B.Change the ALB target group protocol from HTTPS to HTTP.✓ Correct

Change the ALB target group protocol from HTTPS to HTTP.

TLS offloading involves terminating the secure connection at the load balancer. By changing the target group to HTTP, the ALB handles the CPU-intensive TLS encryption/decryption, freeing up the EC2 instances to process application logic.

Common mistakes

Choosing NLB, which would force the instances to handle the TLS handshake.

Question 37 All questions Question 39

Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 4

75 questions · hints · full answers · grading

More questions from this exam

Q01A global enterprise is redesigning its network architecture across 50 AWS accounts. They require ...Hard Q02A financial services company uses AWS Organizations to manage 100+ accounts. The security team ma...Medium Q03An e-commerce company requires a multi-region active-active architecture for its critical order p...Medium Q04A company is setting up a new AWS environment using AWS Control Tower. They need to ensure that a...Hard Q05An enterprise has 50 AWS accounts under AWS Organizations. They want to implement a chargeback mo...Medium

View all 75 questions →