Which combination of actions should the SysOps administrator take to meet these requirements?
(Choose two.)
Enable CloudFront Origin Shield for the required AWS Regions.
Change the viewer protocol policy to use HTTPS only.
Add a second origin. Create an origin group that includes both origins. Activate CloudFront origin failover.
Turn on automatic compression of objects in the cache behavior settings.
Increase the CloudFront TTL values in the cache behavior settings.
Explanations:
Enabling CloudFront Origin Shield helps improve cache hit ratios by caching content in the AWS region closest to the origin, reducing the number of direct requests to the origin and improving overall performance.
Changing the viewer protocol policy to HTTPS only does not directly affect the cache hit ratio; it mainly impacts the security of data in transit between viewers and CloudFront.
Adding a second origin and creating an origin group does not necessarily improve the cache hit ratio; it provides redundancy and failover, but does not directly enhance caching effectiveness.
While turning on automatic compression can improve transfer speeds for compressed objects, it does not directly increase the cache hit ratio, as the underlying issue may still exist.
Increasing the CloudFront TTL (Time to Live) values in the cache behavior settings allows objects to remain in the cache longer, which can increase the cache hit ratio by reducing the number of requests sent to the origin.
It seems to me that the answer is:
Enable CloudFront Origin Shield for the required AWS Regions.