Correct answer - "Between clients and CloudFront and CloudFront and backend" : For web
distributions, you can configure CloudFront to require that viewers use HTTPS to request your
objects, so connections are encrypted when CloudFront communicates with viewers. You also can
configure CloudFront to use HTTPS to get objects from your origin, so connections are encrypted
when CloudFront communicates with your origin.
"Between clients and CloudFront only" - Incorrect, you can choose to require HTTPS between
CloudFront and your origin
"Between CloudFront and backend only" - Incorrect, you can choose to require HTTPS between
viewers and CloudFront
"Nowhere" - Incorrect, you can choose HTTPS settings both for communication between viewers and
CloudFront, and between CloudFront and your origin