Skip to content
IT - Engineering - Cloud - Finance

IT – Engineering – Cloud – Finance

IT, Engineering, Entrepreneurship, Sports, Finances, Life, Success, Failure

  • Main
  • About
  • Online Store
  • Books
  • Contact
  • Top 100 AWS Certified Cloud Practitioner Exam Preparation Questions and Answers Dumps
  • Show All Posts
  • Privacy Policy
  • Disclaimer

Tag: VPC endpoints for Amazon S3

Posted on June 23, 2019December 23, 2020

Top 65 AWS Solution Architect Associate Certification Exam Questions and Answers Dump – SAA-C02

AWS Solution Architect Associate Exam Questions and Answers Dump
aws certified solution architect exam prep
aws certified solution architect exam prep

 

The AWS Certified Solutions Architect – Associate  average salary is  $149,446/year

In this blog, we will help you prepare for the AWS Solution Architect Associate Certification Exam, give you some  facts and summaries, provide AWS Solution Architect Associate Top  Questions and Answers Dump

Definition 1: Solution architecture is a practice of defining and describing an architecture of a system delivered in context of a specific solution and as such it may encompass description of an entire system or only its specific parts. Definition of a solution architecture is typically led by a solution architect.

Definition 2: The AWS Certified Solutions Architect – Associate examination is intended for individuals who perform a solutions architect role and have one or more years of hands-on experience designing available, cost-efficient, fault-tolerant, and scalable distributed systems on AWS.

AWS Solution Architect Associate Exam Facts and Summaries (SAA-C02)

  1. This exam validates an examinee’s ability to effectively demonstrate knowledge of how to architect and deploy secure and robust applications on AWS technologies. It validates an examinee’s ability to:
    • Define a solution using architectural design principles based on customer requirements.
    • Provide implementation guidance based on best practices to the organization throughout the lifecycle of the project.
  2. There are two types of questions on the examination:
    • Multiple-choice: Has one correct response and three incorrect responses (distractors).
    • Multiple-response: Has two correct responses out of five options.

    Select one or more responses that best complete the statement or answer the question. Distractors, or incorrect answers, are response options that an examinee with incomplete knowledge or skill would likely choose. However, they are generally plausible responses that fit in the content area defined by the test objective. Unanswered questions are scored as incorrect; there is no penalty for guessing.  

  3. The table below lists the main content domains and their weightings:
  4. Domain 1: Design Resilient Architectures
    • Choose reliable/resilient storage.
    • Determine how to design decoupling mechanisms using AWS services.
    • Determine how to design a multi-tier architecture solution.
    • Determine how to design high availability and/or fault tolerant architectures
  5. Domain 2: Define Performant Architectures
    • Choose performant storage and databases.
    • Apply caching to improve performance.
    • Design solutions for elasticity and scalability.
  6. Domain 3: Specify Secure Applications and Architectures.
    • Determine how to secure application tiers.
    • Determine how to secure data.
    • Define the networking infrastructure for a single VPC application.
  7.  Domain 4: Design Cost-Optimized Architectures
    • Determine how to design cost-optimized storage.
    • Determine how to design cost-optimized compute.
  8. Domain 5: Define Operationally-Excellent Architectures
    • Choose design features in solutions that enable operational excellence.
  9. Take an AWS Training Class
  10. Study AWS Whitepapers and FAQs: AWS Well-Architected webpage (various whitepapers linked)
  11. If you are running an application in a production environment and must add a new EBS volume with data from a snapshot, what could you do to avoid degraded performance during the volume’s first use?
    Initialize the data by reading each storage block on the volume.
    Volumes created from an EBS snapshot must be initialized. Initializing occurs the first time a storage block on the volume is read, and the performance impact can be impacted by up to 50%. You can avoid this impact in production environments by pre-warming the volume by reading all of the blocks.
  12. If you are running a legacy application that has hard-coded static IP addresses and it is running on an EC2 instance; what is the best failover solution that allows you to keep the same IP address on a new instance?
    Elastic IP addresses (EIPs) are designed to be attached/detached and moved from one EC2 instance to another. They are a great solution for keeping a static IP address and moving it to a new instance if the current instance fails. This will reduce or eliminate any downtime uses may experience.
  13. Which feature of Intel processors help to encrypt data without significant impact on performance?
    AES-NI
  14. You can mount to EFS from which two of the following?
    • On-prem servers running Linux
    • EC2 instances running Linux

    EFS is not compatible with Windows operating systems.

  15. When a file(s) is encrypted and the stored data is not in transit it’s known as encryption at rest. What is an example of encryption at rest? 

  16. When would vertical scaling be necessary? When an application is built entirely into one source code, otherwise known as a monolithic application.

  17. Fault-Tolerance allows for continuous operation throughout a failure, which can lead to a low Recovery Time Objective.  RPO vs RTO

  18. High-Availability means automating tasks so that an instance will quickly recover, which can lead to a low Recovery Time Objective.  RPO vs. RTO
  19. Frequent backups reduce the time between the last backup and recovery point, otherwise known as the Recovery Point Objective.  RPO vs. RTO
  20. Which represents the difference between Fault-Tolerance and High-Availability? High-Availability means the system will quickly recover from a failure event, and Fault-Tolerance means the system will maintain operations during a failure.
  21. From a security perspective, what is a principal? An anonymous user falls under the definition of a principal. A principal can be an anonymous user acting on a system.

    An authenticated user falls under the definition of a principal. A principal can be an authenticated user acting on a system.

  22. What are two types of session data saving for an Application Session State? Stateless and Stateful

23. It is the customer’s responsibility to patch the operating system on an EC2 instance.

24. In designing an environment, what four main points should a Solutions Architect keep in mind? Cost-efficient, secure, application session state, undifferentiated heavy lifting: These four main points should be the framework when designing an environment.

25. In the context of disaster recovery, what does RPO stand for? RPO is the abbreviation for Recovery Point Objective.

26. What are the benefits of horizontal scaling?

Vertical scaling can be costly while horizontal scaling is cheaper.

Horizontal scaling suffers from none of the size limitations of vertical scaling.

Having horizontal scaling means you can easily route traffic to another instance of a server.

Top
Reference: AWS Solution Architect Associate Exam Prep

Top 65 AWS Solution Architect Associate Exam Prep Questions and Answers Dump – SAA-C02

For a better mobile experience, download the mobile app below:

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q0: A company is developing a highly available web application using stateless web servers. Which services are suitable for storing session state data? (Select TWO.)

  • A. CloudWatch
  • B. DynamoDB
  • C. Elastic Load Balancing
  • D. ElastiCache
  • E. Storage Gateway

Answer: B and D ( iOS – Android)

Reference: AWS Session management

Top

Q1: A Solutions Architect is designing a critical business application with a relational database that runs on an EC2 instance. It requires a single EBS volume that can support up to 16,000 IOPS.
Which Amazon EBS volume type can meet the performance requirements of this application?

  • A. EBS Provisioned IOPS SSD
  • B. EBS Throughput Optimized HDD
  • C. EBS General Purpose SSD
  • D. EBS Cold HDD

Answer: A  (iOS – Android)
EBS Provisioned IOPS SSD provides sustained performance for mission-critical low-latency workloads. EBS General Purpose SSD can provide bursts of performance up to 3,000 IOPS and have a maximum baseline performance of 10,000 IOPS for volume sizes greater than 3.3 TB. The 2 HDD options are lower cost, high throughput volumes.

Reference: Amazon EBS Performance Tips

Top

Q2: An application running on EC2 instances processes sensitive information stored on Amazon S3. The information is accessed over the Internet. The security team is concerned that the Internet connectivity to Amazon S3 is a security risk.
Which solution will resolve the security concern?

  • A. Access the data through an Internet Gateway.
  • B. Access the data through a VPN connection.
  • C. Access the data through a NAT Gateway.
  • D.Access the data through a VPC endpoint for Amazon S3

Answer:D ( iOS – Android)
VPC endpoints for Amazon S3 provide secure connections to S3 buckets that do not require a gateway or NAT instances. NAT Gateways and Internet Gateways still route traffic over the Internet to the public endpoint for Amazon S3. There is no way to connect to Amazon S3 via VPN.

Reference: S3 VPC Endpoints

Top

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot


AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q3: An organization is building an Amazon Redshift cluster in their shared services VPC. The cluster will host sensitive data.
How can the organization control which networks can access the cluster?

  • A. Run the cluster in a different VPC and connect through VPC peering.
  • B. Create a database user inside the Amazon Redshift cluster only for users on the network.
  • C. Define a cluster security group for the cluster that allows access from the allowed networks.
  • D. Only allow access to networks that connect with the shared services network via VPN.

Answer: iOS – Android
A security group can grant access to traffic from the allowed networks via the CIDR range for each network. VPC peering and VPN are connectivity services and cannot control traffic for security. Amazon Redshift user accounts address authentication and authorization at the user level and have no control over network traffic.

Reference: AWS Security best practice

Top

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q4: A web application allows customers to upload orders to an S3 bucket. The resulting Amazon S3 events trigger a Lambda function that inserts a message to an SQS queue. A single EC2 instance reads messages from the queue, processes them, and stores them in an DynamoDB table partitioned by unique order ID. Next month traffic is expected to increase by a factor of 10 and a Solutions Architect is reviewing the architecture for possible scaling problems.
Which component is MOST likely to need re-architecting to be able to scale to accommodate the new traffic?

  • A. Lambda function
  • B. SQS queue
  • C. EC2 instance
  • D. DynamoDB table

Answer: C ( iOS – Android)
A single EC2 instance will not scale and is a single point of failure in the architecture. A much better solution would be to have EC2 instances in an Auto Scaling group across 2 availability zones read messages from the queue. The other responses are all managed services that can be configured to scale or will scale automatically.

Reference: Eliminating Single Points of Failures on AWS Cloud

  • Single NAT Instance in Network
  • Running all Workloads in single AZ Compute/Storage
  • Single DNS and other DNS Issues in Network
  • Not setting up for Auto-Scale Core Services
  • AWS Load Balancer – Cross Network
  • AWS RDS within single AZ Database
  • Manual Scale
  • How to Remove Single Points of Failure by Using a High-Availability Partition Group in Your AWS CloudHSM Environment

Top

Q5: An application requires a highly available relational database with an initial storage capacity of 8 TB. The database will grow by 8 GB every day. To support expected traffic, at least eight read replicas will be required to handle database reads.
Which option will meet these requirements?

  • A. DynamoDB
  • B. Amazon S3
  • C. Amazon Aurora
  • D. Amazon Redshift

Answer: iOS – Android
Amazon Aurora is a relational database that will automatically scale to accommodate data growth. Amazon Redshift does not support read replicas and will not automatically scale. DynamoDB is a NoSQL service, not a relational database. Amazon S3 is object storage, not a relational database.

Reference: Replication with Amazon Aurora

Top

Q6: How can you improve the performance of EFS?

  • A. Use an instance-store backed EC2 instance.
  • B. Provision more throughput than is required.
  • C. Divide your files system into multiple smaller file systems.
  • D. Provision higher IOPs for your EFS.

Answer: B  iOS – Android
Amazon EFS now allows you to instantly provision the throughput required for your applications independent of the amount of data stored in your file system. This allows you to optimize throughput for your application’s performance needs.

Reference: Amazon EFS Performance

Top

Q7:
If you are designing an application that requires fast (10 – 25Gbps), low-latency connections between EC2 instances, what EC2 feature should you use?

  • A. Snapshots
  • B. Instance store volumes
  • C. Placement groups
  • D. IOPS provisioned instances.

Answer:  iOS – Android
Placement groups are a clustering of EC2 instances in one Availability Zone with fast (up to 25Gbps) connections between them. This feature is used for applications that need extremely low-latency connections between instances.

Reference: Placement Groups

Top

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q8: A Solution Architect is designing an online shopping application running in a VPC on EC2 instances behind an ELB Application Load Balancer. The instances run in an Auto Scaling group across multiple Availability Zones. The application tier must read and write data to a customer managed database cluster. There should be no access to the database from the Internet, but the cluster must be able to obtain software patches from the Internet.

Which VPC design meets these requirements?

  • A. Public subnets for both the application tier and the database cluster
  • B. Public subnets for the application tier, and private subnets for the database cluster
  • C. Public subnets for the application tier and NAT Gateway, and private subnets for the database cluster
  • D. Public subnets for the application tier, and private subnets for the database cluster and NAT Gateway

Answer: C.
The online application must be in public subnets to allow access from clients' browsers. The database cluster must be in private subnets to meet the requirement that there be no access from the Internet.
A NAT Gateway is required to give the database cluster the ability to download patches from the Internet. NAT Gateways must be deployed in public subnets.

Reference: Public and Private Subnets

Top

Q9: What command should you run on a running instance if you want to view its user data (that is used at launch)?

  • A. curl http://254.169.254.169/latest/user-data
  • B. curl http://localhost/latest/meta-data/bootstrap
  • C. curl http://localhost/latest/user-data
  • D. curl http://169.254.169.254/latest/user-data

Answer: iOS – Android
Retrieve Instance User Data
To retrieve user data from within a running instance, use the following URI:
http://169.254.169.254/latest/user-data

Reference: Instance Metadata and User Data

Get user data from AWS Ec2 running instance
Get user data from AWS Ec2 running instance

Top

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q10: A company is developing a highly available web application using stateless web servers. Which
services are suitable for storing session state data? (Select TWO.)

  • A. CloudWatch
  • B. DynamoDB
  • C. Elastic Load Balancing
  • D. ElastiCache
  • E. Storage Gateway

Answer: B. and D.
Both DynamoDB and ElastiCache provide high performance storage of key-value pairs.
CloudWatch and ELB are not storage services. Storage Gateway is a storage service, but it is a hybrid Storage service that enables on-premises applications to use cloud storage.

A stateful web service will keep track of the “state” of a client's connection and data over several requests. So for example, the client might login, select a users account data, update their address, attach a photo, and change the status flag, then disconnect.

In a stateless web service, the server doesn't keep any information from one request to the next. The client needs to do it's work in a series of simple transactions, and the client has to keep track of what happens between requests. So in the above example, the client needs to do each operation separately: connect and update the address, disconnect. Connect and attach the photo, disconnect. Connect and change the status flag, disconnect.

A stateless web service is much simpler to implement, and can handle greater volume of clients.

Reference: Stateful & Stateless web service

Top

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q11: From a security perspective, what is a principal?

  • A. An identity
  • B. An anonymous user 
  • C. An authenticated user
  • D. A resource

Answer: iOS – Android

An anonymous user falls under the definition of a principal. A principal can be an anonymous user acting on a system.  An authenticated user falls under the definition of a principal. A principal can be an authenticated user acting on a system.

Reference: Access management

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q12: What are the characteristics of a tiered application?

  • A. All three application layers are on the same instance
  • B. The presentation tier is on an isolated instance than the logic layer
  • C. None of the tiers can be cloned
  • D. The logic layer is on an isolated instance than the data layer
  • E. Additional machines can be added to help the application by implementing horizontal scaling
  • F.  Incapable of horizontal scaling

Answer: B. D. and E.

In a tiered application, the presentation layer is separate from the logic layer; the logic layer is separate from the data layer. Since parts of the application are isolated, they can scale horizontally.

Reference: Tiered Application

Q13: When using horizontal scaling, how can a server’s capacity closely match it’s rising demand?

A. By frequently purchasing additional instances and smaller resources

B. By purchasing more resources very far in advance

C. By purchasing more resources after demand has risen

D. It is not possible to predict demand

Answer: iOS – Android

Reference: AWS Horizontal Scaling

Q14: What is the concept behind AWS’ Well-Architected Framework?

A. It’s a set of best practice areas, principles, and concepts that can help you implement effective AWS solutions.

B. It’s a set of best practice areas, principles, and concepts that can help you implement effective solutions tailored to your specific business.

C. It’s a set of best practice areas, principles, and concepts that can help you implement effective solutions from another web host.

D. It’s a set of best practice areas, principles, and concepts that can help you implement effective E-Commerce solutions.

Answer: A.

Reference: AWS Well architected Framework
 
Q15: Select the true statements regarding AWS Regions.

 

A. Availability Zones are isolated locations within regions

B. Region codes identify specific regions (example: US-EAST-2)

C. All AWS Regions contain the full set of AWS services.

D. An AWS Region is assigned based on the user’s location when creating an AWS account.

Answer: (A, B, D)
Reference: AWS Regions

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q16: Which is not one of the five pillars of a well-architected framework?

 

A. Reliability

B. Performance Efficiency

C. Structural Simplicity

D. Security

E. Operational Excellence

Answer: C

Reference: AWS Well Architected Framework

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q17: You lead a team to develop a new online game application in AWS EC2. The application will have a large number of users globally. For a great user experience, this application requires very low network latency and jitter. If the network speed is not fast enough, you will lose customers. Which tool would you choose to improve the application performance? (Select TWO.)

A. AWS VPN

B. AWS Global Accelerator

C. Direct Connect

D. API Gateway

E. CloudFront

Answer: iOS – Android

Notes: This online game application has global users and needs low latency. Both CloudFront and Global Accelerator can speed up the distribution of contents over the AWS global network. AWS Global Accelerator works at the network layer and is able to direct traffic to optimal endpoints. Check what is global-accelerator for reference.  CloudFront delivers content through edge locations and users are routed to the edge location that has the lowest time delay.

Q18: A company has a media processing application deployed in a local data center.  Its file storage is built on a Microsoft Windows file server. The application and file server need to be migrated to AWS. You want to quickly set up the file server in AWS and the application code should continue working to access the file systems. Which method should you choose to create the file server?

A. Create a Windows File Server from Amazon WorkSpaces.

B. Configure a high performance Windows File System in Amazon EFS.

C. Create a Windows File Server in Amazon FSx.

D. Configure a secure enterprise storage through Amazon WorkDocs.

Answer: C

Notes: In this question, a Windows file server is required in AWS and the application should continue to work unchanged. Amazon FSx for Windows File Server is the correct answer as it is backed by a fully native Windows file system.

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q19: You are developing an application using AWS SDK to get objects from AWS S3. The objects have big sizes and sometimes there are failures when getting objects especially when the network connectivity is poor. You want to get a specific range of bytes in a single GET request and retrieve the whole object in parts. Which method can achieve this?

A. Enable multipart upload in the AWS SDK.

B. Use the “Range” HTTP header in a GET request to download the specified range bytes of an object.

C. Reduce the retry requests and enlarge the retry timeouts through AWS SDK when fetching S3 objects.

D. Retrieve the whole S3 object through a single GET operation.

Answer: iOS – Android

Notes: Because with byte-range fetches, users can establish concurrent connections to Amazon S3 to fetch different parts from within the same object.

Through the “Range” header in the HTTP GET request, a specified portion of the objects can be downloaded instead of the whole objects. Check the explanations in here.

Q20: You have an application hosted in an Auto Scaling group and an application load balancer distributes traffic to the ASG. You want to add a scaling policy that keeps the average aggregate CPU utilization of the Auto Scaling group to be 60 percent. The capacity of the Auto Scaling group should increase or decrease based on this target value. Which scaling policy does it belong to?

A. Target tracking scaling policy.

B. Step scaling policy.

C. Simple scaling policy.

D. Scheduled scaling policy.

Answer: A

Notes: A target tracking scaling policy can be applied to check the ASGAverageCPUUtilization metric.  In ASG, you can add a target tracking scaling policy based on a target. Check here for different scaling policies.

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q21: You need to launch a number of EC2 instances to run Cassandra. There are large distributed and replicated workloads in Cassandra and you plan to launch instances using EC2 placement groups. The traffic should be distributed evenly across several partitions and each partition should contain multiple instances. Which strategy would you use when launching the placement groups?

A. Cluster placement strategy

B. Spread placement strategy.

C. Partition placement strategy.

D. Network placement strategy.

Answer: iOS – Android

Notes:  Placement groups have the placement strategies of Cluster, Partition and Spread. With the Partition placement strategy, instances in one partition do not share the underlying hardware with other partitions. This strategy is suitable for distributed and replicated workloads such as Cassandra. Details please refer to Placement Groups Limitation partition.

Q22: To improve the network performance, you launch a C5 EC2 Amazon Linux instance and enable enhanced networking by modifying the instance attribute with “aws ec2 modify-instance-attribute –instance-id instance_id –ena-support”. Which mechanism does the EC2 instance use to enhance the networking capabilities?

A. Intel 82599 Virtual Function (VF) interface.

B. Elastic Fabric Adapter (EFA).

C. Elastic Network Adapter (ENA).

D. Elastic Network Interface (ENI).

Answer: C

Notes: Enhanced networking has two mechanisms: Elastic Network Adapter (ENA) and Intel 82599Virtual Function (VF) interface. For ENA, users can enable it with –ena-support. References can be found here

Q23: You work for an online retailer where any downtime at all can cause a significant loss of revenue. You have architected your application to be deployed on an Auto Scaling Group of EC2 instances behind a load balancer. You have configured and deployed these resources using a CloudFormation template. The Auto Scaling Group is configured with default settings, and a simple CPU utilization scaling policy. You have also set up multiple Availability Zones for high availability. The Load Balancer does health checks against an html file generated by script. When you begin performing load testing on your application and notice in CloudWatch that the load balancer is not sending traffic to one of your EC2 instances. What could be the problem?

A. The EC2 instance has failed the load balancer health check.

B. The instance has not been registered with CloudWatch.

C. The EC2 instance has failed EC2 status checks.

D. You are load testing at a moderate traffic level and not all instances are needed.

Answer: iOS – Android

Notes: The load balancer will route the incoming requests only to the healthy instances. The EC2 instance may have passed status check and be considered health to the Auto Scaling Group, but the ELB may not use it if the ELB health check has not been met. The ELB health check has a default of 30 seconds between checks, and a default of 3 checks before making a decision. Therefore the instance could be visually available but unused for at least 90 seconds before the GUI would show it as failed. In CloudWatch where the issue was noticed it would appear to be a healthy EC2 instance but with no traffic. Which is what was observed.

References: ELB HealthCheck

Q24: Your company is using a hybrid configuration because there are some legacy applications which are not easily converted and migrated to AWS. And with this configuration comes a typical scenario where the legacy apps must maintain the same private IP address and MAC address. You are attempting to convert the application to the cloud and have configured an EC2 instance to house the application. What you are currently testing is removing the ENI from the legacy instance and attaching it to the EC2 instance. You want to attempt a cold attach. What does this mean?

A. Attach ENI when it’s stopped.

B. Attach ENI before the public IP address is assigned.

C. Attach ENI to an instance when it’s running.

D. Attach ENI when the instance is being launched.

Answer: iOS – Android

Notes: Best practices for configuring network interfaces You can attach a network interface to an instance when it's running (hot attach), when it's stopped (warm attach), or when the instance is being launched (cold attach). You can detach secondary network interfaces when the instance is running or stopped. However, you can't detach the primary network interface. You can move a network interface from one instance to another, if the instances are in the same Availability Zone and VPC but in different subnets. When launching an instance using the CLI, API, or an SDK, you can specify the primary network interface and additional network interfaces. Launching an Amazon Linux or Windows Server instance with multiple network interfaces automatically configures interfaces, private IPv4 addresses, and route tables on the operating system of the instance. A warm or hot attach of an additional network interface may require you to manually bring up the second interface, configure the private IPv4 address, and modify the route table accordingly. Instances running Amazon Linux or Windows Server automatically recognize the warm or hot attach and configure themselves. Attaching another network interface to an instance (for example, a NIC teaming configuration) cannot be used as a method to increase or double the network bandwidth to or from the dual-homed instance. If you attach two or more network interfaces from the same subnet to an instance, you may encounter networking issues such as asymmetric routing. If possible, use a secondary private IPv4 address on the primary network interface instead. For more information, see Assigning a secondary private IPv4 address.

Reference: EC2 ENI User Guide

Q25: Your company has recently converted to a hybrid cloud environment and will slowly be migrating to a fully AWS cloud environment. The AWS side is in need of some steps to prepare for disaster recovery. A disaster recovery plan needs drawn up and disaster recovery drills need to be performed for compliance reasons. The company wants to establish Recovery Time and Recovery Point Objectives. The RTO and RPO can be pretty relaxed. The main point is to have a plan in place, with as much cost savings as possible. Which AWS disaster recovery pattern will best meet these requirements?

A. Warm Standby

B. Backup and restore

C. Multi Site

D. Pilot Light

Answer: B

Notes: Backup and Restore: This is the least expensive option and cost is the overriding factor.

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q26: An international travel company has an application which provides travel information and alerts to users all over the world. The application is hosted on groups of EC2 instances in Auto Scaling Groups in multiple AWS Regions. There are also load balancers routing traffic to these instances. In two countries, Ireland and Australia, there are compliance rules in place that dictate users connect to the application in eu-west-1 and ap-southeast-1. Which service can you use to meet this requirement?

A. Use Route 53 weighted routing.

B. Use Route 53 geolocation routing.

C. Configure CloudFront and the users will be routed to the nearest edge location.

D. Configure the load balancers to route users to the proper region.

Answer: iOS – Android

Notes: Geolocation routing lets you choose the resources that serve your traffic based on the geographic location of your users, meaning the location that DNS queries originate from. For example, you might want all queries from Europe to be routed to an ELB in the Frankfurt region. When you use geolocation routing, you can localize your content and present some or all of your website in the language of your users. You can also use geolocation routing to restrict distribution of content to only the locations in which you have distribution rights. Another possible use is for balancing load across endpoints in a predictable, easy-to-manage way, so that each user location is consistently routed to the same endpoint.

Reference: Geolocation Routing Policy

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q26: You have taken over management of several instances in the company AWS environment. You want to quickly review scripts used to bootstrap the instances at runtime. A URL command can be used to do this. What can you append to the URL http://169.254.169.254/latest/ to retrieve this data?

A. user-data/

B. instance-demographic-data/

C. meta-data/

D. instance-data/

Answer: A

Notes: When you launch an instance in Amazon EC2, you have the option of passing user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts. You can pass two types of user data to Amazon EC2: shell scripts and cloud-init directives.

Reference: EC2 instance user data

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q27: A software company has created an application to capture service requests from users and also enhancement requests. The application is deployed on an Auto Scaling group of EC2 instances fronted by an Application Load Balancer. The Auto Scaling group has scaled to maximum capacity, but there are still requests being lost. The cost of these instances is becoming an issue. What step can the company take to ensure requests aren’t lost?

A. Use larger instances in the Auto Scaling group.

B. Use spot instances to save money.

C. Use an SQS queue with the Auto Scaling group to capture all requests.

D. Use a Network Load Balancer instead for faster throughput.

Answer: iOS – Android

Notes: There are some scenarios where you might think about scaling in response to activity in an Amazon SQS queue. For example, suppose that you have a web app that lets users upload images and use them online. In this scenario, each image requires resizing and encoding before it can be published. The app runs on EC2 instances in an Auto Scaling group, and it's configured to handle your typical upload rates. Unhealthy instances are terminated and replaced to maintain current instance levels at all times. The app places the raw bitmap data of the images in an SQS queue for processing. It processes the images and then publishes the processed images where they can be viewed by users. The architecture for this scenario works well if the number of image uploads doesn't vary over time. But if the number of uploads changes over time, you might consider using dynamic scaling to scale the capacity of your Auto Scaling group.

Reference: Using SQS Queue

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q28: A company has an auto scaling group of EC2 instances hosting their retail sales application. Any significant downtime for this application can result in large losses of profit. Therefore the architecture also includes an Application Load Balancer and an RDS database in a Multi-AZ deployment. The company has a very aggressive Recovery Time Objective (RTO) in case of disaster. How long will a failover typically complete?

 
 

A. Under 10 minutes

B. Within an hour

C. Almost instantly

D. one to two minutes

Answer:  D

Notes: What happens during Multi-AZ failover and how long does it take? Failover is automatically handled by Amazon RDS so that you can resume database operations as quickly as possible without administrative intervention. When failing over, Amazon RDS simply flips the canonical name record (CNAME) for your DB instance to point at the standby, which is in turn promoted to become the new primary. We encourage you to follow best practices and implement database connection retry at the application layer. Failovers, as defined by the interval between the detection of the failure on the primary and the resumption of transactions on the standby, typically complete within one to two minutes. Failover time can also be affected by whether large uncommitted transactions must be recovered; the use of adequately large instance types is recommended with Multi-AZ for best results. AWS also recommends the use of Provisioned IOPS with Multi-AZ instances for fast, predictable, and consistent throughput performance.

Reference: RDS FAQ

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q29: You have two EC2 instances running in the same VPC, but in different subnets. You are removing the secondary ENI from an EC2 instance and attaching it to another EC2 instance. You want this to be fast and with limited disruption. So you want to attach the ENI to the EC2 instance when it’s running. What is this called?

A. hot attach

B. warm attach

C. cold attach

D. synchronous attach

Answer: iOS – Android

Notes: Here are some best practices for configuring network interfaces. You can attach a network interface to an instance when it's running (hot attach), when it's stopped (warm attach), or when the instance is being launched (cold attach). You can detach secondary network interfaces when the instance is running or stopped. However, you can't detach the primary network interface. You can move a network interface from one instance to another if the instances are in the same Availability Zone and VPC but in different subnets. When launching an instance using the CLI, API, or an SDK, you can specify the primary network interface and additional network interfaces. Launching an Amazon Linux or Windows Server instance with multiple network interfaces automatically configures interfaces, private IPv4 addresses, and route tables on the operating system of the instance. A warm or hot attach of an additional network interface may require you to manually bring up the second interface, configure the private IPv4 address, and modify the route table accordingly. Instances running Amazon Linux or Windows Server automatically recognize the warm or hot attach and configure themselves. Attaching another network interface to an instance (for example, a NIC teaming configuration) cannot be used as a method to increase or double the network bandwidth to or from the dual-homed instance. If you attach two or more network interfaces from the same subnet to an instance, you may encounter networking issues such as asymmetric routing. If possible, use a secondary private IPv4 address on the primary network interface instead. For more information, see Assigning a secondary private IPv4 address.

Reference: EC2 ENI

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q30: You suspect that one of the AWS services your company is using has gone down. How can you check on the status of this service?

 

A. AWS Trusted Advisor

B. Amazon Inspector

C. AWS Personal Health Dashboard

D. AWS Organizations

Answer: C

Notes: AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you. While the Service Health Dashboard displays the general status of AWS services, Personal Health Dashboard gives you a personalized view of the performance and availability of the AWS services underlying your AWS resources. The dashboard displays relevant and timely information to help you manage events in progress, and provides proactive notification to help you plan for scheduled activities. With Personal Health Dashboard, alerts are triggered by changes in the health of AWS resources, giving you event visibility and guidance to help quickly diagnose and resolve issues.

Reference: AWS Personal Health Dashboard

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q31: You have configured an Auto Scaling Group of EC2 instances fronted by an Application Load Balancer and backed by an RDS database. You want to begin monitoring the EC2 instances using CloudWatch metrics. Which metric is not readily available out of the box?

A. CPU utilization

B. DiskReadOps

C. NetworkIn

D. Memory utilization

Answer: iOS – Android

Notes: Memory utilization is not available as an out of the box metric in CloudWatch. You can, however, collect memory metrics when you configure a custom metric for CloudWatch.

Types of custom metrics that you can set up include:

  • Memory utilization
  • Disk swap utilization
  • Disk space utilization
  • Page file utilization
  • Log collection

Reference: EC2 custom metrics

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q32: Several instances you are creating have a specific data requirement. The requirement states that the data on the root device needs to persist independently from the lifetime of the instance. After considering AWS storage options, which is the simplest way to meet these requirements?

A. Store your root device data on Amazon EBS.

B. Store the data on the local instance store.

C. Create a cron job to migrate the data to S3.

D. Send the data to S3 using S3 lifecycle rules.

Answer: A

Notes: By using Amazon EBS, data on the root device will persist independently from the lifetime of the instance. This enables you to stop and restart the instance at a subsequent time, which is similar to shutting down your laptop and restarting it when you need it again.

Reference: Amazon EBS

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q33: A company has an Auto Scaling Group of EC2 instances hosting their retail sales application. Any significant downtime for this application can result in large losses of profit. Therefore the architecture also includes an Application Load Balancer and an RDS database in a Multi-AZ deployment. What will happen to preserve high availability if the primary database fails?

A. A Lambda function kicks off a CloudFormation template to deploy a backup database.

B. The CNAME is switched from the primary db instance to the secondary.

C. Route 53 points the CNAME to the secondary database instance.

D. The Elastic IP address for the primary database is moved to the secondary database.

Answer: iOS – Android

Notes: Amazon RDS Multi-AZ deployments provide enhanced availability and durability for RDS database (DB) instances, making them a natural fit for production database workloads. When you provision a Multi-AZ DB Instance, Amazon RDS automatically creates a primary DB Instance and synchronously replicates the data to a standby instance in a different Availability Zone (AZ). Each AZ runs on its own physically distinct, independent infrastructure, and is engineered to be highly reliable. In case of an infrastructure failure, Amazon RDS performs an automatic failover to the standby (or to a read replica in the case of Amazon Aurora), so that you can resume database operations as soon as the failover is complete. Since the endpoint for your DB Instance remains the same after a failover, your application can resume database operation without the need for manual administrative intervention.

Failover is automatically handled by Amazon RDS so that you can resume database operations as quickly as possible without administrative intervention. When failing over, Amazon RDS simply flips the canonical name record (CNAME) for your DB instance to point at the standby, which is in turn promoted to become the new primary.

References: RDS Multi-AZ

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q34: After several issues with your application and unplanned downtime, your recommendation to migrate your application to AWS is approved. You have set up high availability on the front end with a load balancer and an Auto Scaling Group. What step can you take with your database to configure high-availability and ensure minimal downtime (under five minutes)?

A. Create a read replica.

B. Enable Multi-AZ failover on the database.

C. Take frequent snapshots of your database.

D. Create your database using CloudFormation and save the template for reuse.

Answer: B

Notes: In the event of a planned or unplanned outage of your DB instance, Amazon RDS automatically switches to a standby replica in another Availability Zone if you have enabled Multi-AZ. The time it takes for the failover to complete depends on the database activity and other conditions at the time the primary DB instance became unavailable. Failover times are typically 60–120 seconds. However, large transactions or a lengthy recovery process can increase failover time. When the failover is complete, it can take additional time for the RDS console to reflect the new Availability Zone. Note the above sentences. Large transactions could cause a problem in getting back up within five minutes, but this is clearly the best of the available choices to attempt to meet this requirement. We must move through our questions on the exam quickly, but always evaluate all the answers for the best possible solution.

References: Enable Multi-AZ

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q35: A new startup is considering the advantages of using DynamoDB versus a traditional relational database in AWS RDS. The NoSQL nature of DynamoDB presents a small learning curve to the team members who all have experience with traditional databases. The company will have multiple databases, and the decision will be made on a case-by-case basis. Which of the following use cases would favour DynamoDB? Select two.

A. Strong referential integrity between tables

B. Storing BLOB data

C. Storing infrequently accessed data

D. Managing web session data

E. Storing metadata for S3 objects

Answer: iOS – Android

Notes: DynamoDB is a NoSQL database that supports key-value and document data structures. A key-value store is a database service that provides support for storing, querying, and updating collections of objects that are identified using a key and values that contain the actual content being stored. Meanwhile, a document data store provides support for storing, querying, and updating items in a document format such as JSON, XML, and HTML. DynamoDB’s fast and predictable performance characteristics make it a great match for handling session data. Plus, since it’s a fully-managed NoSQL database service, you avoid all the work of maintaining and operating a separate session store.

Storing metadata for Amazon S3 objects is correct because the Amazon DynamoDB stores structured data indexed by primary key and allows low-latency read and write access to items ranging from 1 byte up to 400KB. Amazon S3 stores unstructured blobs and is suited for storing large objects up to 5 TB. In order to optimize your costs across AWS services, large objects or infrequently accessed data sets should be stored in Amazon S3, while smaller data elements or file pointers (possibly to Amazon S3 objects) are best saved in Amazon DynamoDB.

References: DynamoDB Session Manager

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q36: You have been tasked with designing a strategy for backing up EBS volumes attached to an instance-store-backed EC2 instance. You have been asked for an executive summary on your design, and the executive summary should include an answer to the question, “What can an EBS volume do when snapshotting the volume is in progress”?

A. The volume can be used normally while the snapshot is in progress.

B. The volume can only accommodate writes while a snapshot is in progress.

C. The volume can not be used while a snapshot is in progress.

D. The volume can only accommodate reads while a snapshot is in progress.

Answer: A

Notes: You can create a point-in-time snapshot of an EBS volume and use it as a baseline for new volumes or for data backup. If you make periodic snapshots of a volume, the snapshots are incremental; the new snapshot saves only the blocks that have changed since your last snapshot. Snapshots occur asynchronously; the point-in-time snapshot is created immediately, but the status of the snapshot is pending until the snapshot is complete (when all of the modified blocks have been transferred to Amazon S3), which can take several hours for large initial snapshots or subsequent snapshots where many blocks have changed. While it is completing, an in-progress snapshot is not affected by ongoing reads and writes to the volume.

References: EBS Creating snapshots

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q37: You are working as a Solutions Architect in a large healthcare organization. You have many Auto Scaling Groups that you need to create. One requirement is that you need to reuse some software licenses and therefore need to use dedicated hosts on EC2 instances in your Auto Scaling Groups. What step must you take to meet this requirement?

A. Create your launch configuration, but manually change the instances to Dedicated Hosts in the EC2 console.

B. Use a launch template with your Auto Scaling Group.

C. Create the Dedicated Host EC2 instances, then add them to an existing Auto Scaling Group.

D. Make sure your launch configurations are using Dedicated Hosts.

Answer: B

Notes: In addition to the features of Amazon EC2 Auto Scaling that you can configure by using launch templates, launch templates provide more advanced Amazon EC2 configuration options. For example, you must use launch templates to use Amazon EC2 Dedicated Hosts. Dedicated Hosts are physical servers with EC2 instance capacity that are dedicated to your use. While Amazon EC2 Dedicated Instances also run on dedicated hardware, the advantage of using Dedicated Hosts over Dedicated Instances is that you can bring eligible software licenses from external vendors and use them on EC2 instances. If you currently use launch configurations, you can specify a launch template when you update an Auto Scaling group that was created using a launch configuration. To create a launch template to use with an Auto Scaling Group, create the template from scratch, create a new version of an existing template, or copy the parameters from a launch configuration, running instance, or other template.

References: Ec2 Autoscaling Group Launch Templates

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q38: Your organization uses AWS CodeDeploy for deployments. Now you are starting a project on the AWS Lambda platform. For your deployments, you’ve been given a requirement of performing blue-green deployments. When you perform deployments, you want to split traffic, sending a small percentage of the traffic to the new version of your application. Which deployment configuration will allow this splitting of traffic?

A. Canary

B. All at Once

C. Linear

D. Weighted routing

Answer: iOS – Android

Notes: With canary, traffic is shifted in two increments. You can choose from predefined canary options that specify the percentage of traffic shifted to your updated Lambda function version in the first increment and the interval, in minutes, before the remaining traffic is shifted in the second increment.

References: Canary Deployment

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q39: A financial institution has an application that produces huge amounts of actuary data, which is ultimately expected to be in the terabyte range. There is a need to run complex analytic queries against terabytes of structured data, using sophisticated query optimization, columnar storage on high-performance storage, and massively parallel query execution. Which storage service will best meet this requirement?

A. RDS

B. DynamoDB

C. Redshift

D. ElastiCache

Answer: C

Notes: Amazon Redshift is a fast, fully-managed cloud data warehouse that makes it simple and cost-effective to analyze all your data using standard SQL and your existing Business Intelligence (BI) tools. It enables you to run complex analytic queries against terabytes to petabytes of structured data, using sophisticated query optimization, columnar storage on high-performance storage, and massively parallel query execution. Most results come back in seconds. With Redshift, you can start small for just $0.25 per hour with no commitments and scale-out to petabytes of data for $1,000 per terabyte per year, less than a tenth of the cost of traditional on-premises solutions. Amazon Redshift also includes Amazon Redshift Spectrum, allowing you to run SQL queries directly against exabytes of unstructured data in Amazon S3 data lakes. No loading or transformation is required, and you can use open data formats, including Avro, CSV, Grok, Amazon Ion, JSON, ORC, Parquet, RCFile, RegexSerDe, Sequence, Text, and TSV. Redshift Spectrum automatically scales query compute capacity based on the data retrieved, so queries against Amazon S3 run fast, regardless of data set size.

References: Amazon Redshift

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q40: A company has an application for sharing static content, such as photos. The popularity of the application has grown, and the company is now sharing content worldwide. This worldwide service has caused some issues with latency. What AWS services can be used to host a static website, serve content to globally dispersed users, and address latency issues, while keeping cost under control? Choose two.

A. EC2 placement group

B. S3

C. Cloudfront

D. AWS Global Accelerator

E. AWS CloudFormation

Answer: iOS – Android

Notes: Amazon S3 is an object storage built to store and retrieve any amount of data from anywhere on the Internet. It’s a simple storage service that offers an extremely durable, highly available, and infinitely scalable data storage infrastructure at very low costs. AWS Global Accelerator and Amazon CloudFront are separate services that use the AWS global network and its edge locations around the world. CloudFront improves performance for both cacheable content (such as images and videos) and dynamic content (such as API acceleration and dynamic site delivery). Global Accelerator improves performance for a wide range of applications over TCP or UDP by proxying packets at the edge to applications running in one or more AWS Regions. Global Accelerator is a good fit for non-HTTP use cases, such as gaming (UDP), IoT (MQTT), or Voice over IP, as well as for HTTP use cases that specifically require static IP addresses or deterministic, fast regional failover. Both services integrate with AWS Shield for DDoS protection.

Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment. CloudFront is integrated with AWS – both physical locations that are directly connected to the AWS global infrastructure, as well as other AWS services. CloudFront works seamlessly with services including AWS Shield for DDoS mitigation, Amazon S3, Elastic Load Balancing, or Amazon EC2 as origins for your applications, and Lambda@Edge to run custom code closer to customers’ users and to customize the user experience. Lastly, if you use AWS origins such as Amazon S3, Amazon EC2, or Elastic Load Balancing, you don’t pay for any data transferred between these services and CloudFront.

References: CloudFront – S3

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q41: You have just been hired by a large organization which uses many different AWS services in their environment. Some of the services which handle data include: RDS, Redshift, ElastiCache, DynamoDB, S3, and Glacier. You have been instructed to configure a web application using stateless web servers. Which services can you use to handle session state data? Choose two.

 

A. RDS

B. Glacier

C. Redshift

D. Elasticache

E. DynamoDB

Answer: iOS – Android

Notes: Elasticache and DynamoDB both can be used to store session data.

References:

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q42: After an IT Steering Committee meeting you have been put in charge of configuring a hybrid environment for the company’s compute resources. You weigh the pros and cons of various technologies based on the requirements you are given. Your primary requirement is the necessity for a private, dedicated connection, which bypasses the Internet and can provide throughput of 10 Gbps. Which option will you select?

A. AWS Direct Connect

B. VPC Peering

C. AWS VPN

D. AWS Direct Gateway

Answer: A

Notes: AWS Direct Connect can reduce network costs, increase bandwidth throughput, and provide a more consistent network experience than internet-based connections. It uses industry-standard 802.1q VLANs to connect to Amazon VPC using private IP addresses. You can choose from an ecosystem of WAN service providers for integrating your AWS Direct Connect endpoint in an AWS Direct Connect location with your remote networks. AWS Direct Connect lets you establish 1 Gbps or 10 Gbps dedicated network connections (or multiple connections) between AWS networks and one of the AWS Direct Connect locations. You can also work with your provider to create sub-1G connection or use link aggregation group (LAG) to aggregate multiple 1 gigabit or 10 gigabit connections at a single AWS Direct Connect endpoint, allowing you to treat them as a single, managed connection. A Direct Connect gateway is a globally available resource to enable connections to multiple Amazon VPCs across different regions or AWS accounts.

References: AWS Direct Connect

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q43: An application is hosted on an EC2 instance in a VPC. The instance is in a subnet in the VPC, and the instance has a public IP address. There is also an internet gateway and a security group with the proper ingress configured. But your testers are unable to access the instance from the Internet. What could be the problem?

A. Make sure the instance has a private IP address.

B. Add a route to the route table, from the subnet containing the instance, to the Internet Gateway.

C. A NAT gateway needs to be configured.

D. A Virtual private gateway needs to be configured.

Answer: iOS – Android

Notes:

The question doesn't state if the subnet containing the instance is public or private. An internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows communication between your VPC and the internet. To enable access to or from the internet for instances in a subnet in a VPC, you must do the following:

  • Attach an internet gateway to your VPC.
  • Add a route to your subnet's route table that directs internet-bound traffic to the internet gateway. If a subnet is associated with a route table that has a route to an internet gateway, it's known as a public subnet. If a subnet is associated with a route table that does not have a route to an internet gateway, it's known as a private subnet.
  • Ensure that instances in your subnet have a globally unique IP address (public IPv4 address, Elastic IP address, or IPv6 address).
  • Ensure that your network access control lists and security group rules allow the relevant traffic to flow to and from your instance.
  • In your subnet route table, you can specify a route for the internet gateway to all destinations not explicitly known to the route table (0.0.0.0/0 for IPv4 or ::/0 for IPv6). Alternatively, you can scope the route to a narrower range of IP addresses. For example, the public IPv4 addresses of your company’s public endpoints outside of AWS, or the elastic IP addresses of other Amazon EC2 instances outside your VPC. To enable communication over the Internet for IPv4, your instance must have a public IPv4 address or an Elastic IP address that's associated with a private IPv4 address on your instance. Your instance is only aware of the private (internal) IP address space defined within the VPC and subnet. The internet gateway logically provides the one-to-one NAT on behalf of your instance so that when traffic leaves your VPC subnet and goes to the Internet, the reply address field is set to the public IPv4 address or elastic IP address of your instance and not its private IP address. Conversely, traffic that's destined for the public IPv4 address or elastic IP address of your instance has its destination address translated into the instance's private IPv4 address before the traffic is delivered to the VPC. To enable communication over the Internet for IPv6, your VPC and subnet must have an associated IPv6 CIDR block, and your instance must be assigned an IPv6 address from the range of the subnet. IPv6 addresses are globally unique, and therefore public by default.

References: VPC Internet Gateway – Route Table

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q44: A data company has implemented a subscription service for storing video files. There are two levels of subscription: personal and professional use. The personal users can upload a total of 5 GB of data, and professional users can upload as much as 5 TB of data. The application can upload files of size up to 1 TB to an S3 Bucket. What is the best way to upload files of this size?

A. Multipart upload

B. Single-part Upload

C. AWS Snowball

D. AWS SnowMobile

Answers: A

Notes: The Multipart upload API enables you to upload large objects in parts. You can use this API to upload new large objects or make a copy of an existing object (see Operations on Objects). Multipart uploading is a three-step process: You initiate the upload, you upload the object parts, and after you have uploaded all the parts, you complete the multipart upload. Upon receiving the complete multipart upload request, Amazon S3 constructs the object from the uploaded parts, and you can then access the object just as you would any other object in your bucket. You can list all of your in-progress multipart uploads or get a list of the parts that you have uploaded for a specific multipart upload. Each of these operations is explained in this section.

References: Multipart upload API

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q45: You have multiple EC2 instances housing applications in a VPC in a single Availability Zone. The applications need to communicate at extremely high throughputs to avoid latency for end users. The average throughput needs to be 6 Gbps. What’s the best measure you can do to ensure this throughput?

A. Put the instances in a placement group

B. Use Elastic Network Interfaces

C. Use Auto Scaling Groups

D. Increase the size of the instances

Answer: iOS – Android

Notes: Amazon Web Services' (AWS) solution to reducing latency between instances involves the use of placement groups. As the name implies, a placement group is just that — a group. AWS instances that exist within a common availability zone can be grouped into a placement group. Group members are able to communicate with one another in a way that provides low latency and high throughput. A cluster placement group is a logical grouping of instances within a single Availability Zone. A cluster placement group can span peered VPCs in the same Region. Instances in the same cluster placement group enjoy a higher per-flow throughput limit of up to 10 Gbps for TCP/IP traffic and are placed in the same high-bisection bandwidth segment of the network.

References: Placement Group

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q46: A team member has been tasked to configure four EC2 instances for four separate applications. These are not high-traffic apps, so there is no need for an Auto Scaling Group. The instances are all in the same public subnet and each instance has an EIP address, and all of the instances have the same Security Group. But none of the instances can send or receive internet traffic. You verify that all the instances have a public IP address. You also verify that an internet gateway has been configured. What is the most likely issue?

A. There is no route in the route table to the internet gateway (or it has been deleted).

B. Each instance needs its own security group.

C. The route table is corrupt.

D. You are using the default nacl.

Answers:  A

Notes: The question details all of the configuration needed for internet access, except for a route to the IGW in the route table. This is definitely a key step in any checklist for internet connectivity. It is quite possible to have a subnet with the 'Public' attribute set but no route to the Internet in the assigned Route table. (test it yourself). This may have been a setup error, or someone may have thoughtlessly altered the shared Route table for a special case instead of creating a new Route table for the special case.

References: Public – Private VPC

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q47: You have been assigned to create an architecture which uses load balancers to direct traffic to an Auto Scaling Group of EC2 instances across multiple Availability Zones. The application to be deployed on these instances is a life insurance application which requires path-based and host-based routing. Which type of load balancer will you need to use?

A. Any type of load balancer will meet these requirements.

B. Classic Load Balancer

C. Network Load Balancer

D. Application Load Balancer

Answers: D

Notes: Only the Application Load Balancer can support path-based and host-based routing. Using an Application Load Balancer instead of a Classic Load Balancer has the following benefits:

  • Support for path-based routing. You can configure rules for your listener that forward requests based on the URL in the request. This enables you to structure your application as smaller services, and route requests to the correct service based on the content of the URL.
  • Support for host-based routing. You can configure rules for your listener that forward requests based on the host field in the HTTP header. This enables you to route requests to multiple domains using a single load balancer.
  • Support for routing based on fields in the request, such as standard and custom HTTP headers and methods, query parameters, and source IP addresses.
  • Support for routing requests to multiple applications on a single EC2 instance. You can register each instance or IP address with the same target group using multiple ports.
  • Support for redirecting requests from one URL to another.
  • Support for returning a custom HTTP response.
  • Support for registering targets by IP address, including targets outside the VPC for the load balancer.
  • Support for registering Lambda functions as targets.
  • Support for the load balancer to authenticate users of your applications through their corporate or social identities before routing requests.
  • Support for containerized applications. Amazon Elastic Container Service (Amazon ECS) can select an unused port when scheduling a task and register the task with a target group using this port. This enables you to make efficient use of your clusters.
  • Support for monitoring the health of each service independently, as health checks are defined at the target group level and many CloudWatch metrics are reported at the target group level. Attaching a target group to an Auto Scaling group enables you to scale each service dynamically based on demand.
  • Access logs contain additional information and are stored in compressed format.
  • Improved load balancer performance.

References: Application Load Balancer – ELB FAQS

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q48: You have been assigned to create an architecture which uses load balancers to direct traffic to an Auto Scaling Group of EC2 instances across multiple Availability Zones. You were considering using an Application Load Balancer, but some of the requirements you have been given seem to point to a Classic Load Balancer. Which requirement would be better served by an Application Load Balancer?

A. Support for EC2-Classic

B. Path-based routing

C. Support for sticky sessions using application-generated cookies

D. Support for TCP and SSL listeners

Answers: B

Notes:

Using an Application Load Balancer instead of a Classic Load Balancer has the following benefits:

  • Support for path-based routing. You can configure rules for your listener that forward requests based on the URL in the request. This enables you to structure your application as smaller services, and route requests to the correct service based on the content of the URL.

References: Path-based Routing

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q49: You have been tasked to review your company disaster recovery plan due to some new requirements. The driving factor is that the Recovery Time Objective has become very aggressive. Because of this, it has been decided to configure Multi-AZ deployments for the RDS MySQL databases. Unrelated to DR, it has been determined that some read traffic needs to be offloaded from the master database. What step can be taken to meet this requirement?

A. Convert to Aurora to allow the standby to serve read traffic.

B. Redirect some of the read traffic to the standby database.

C. Add DAX to the solution to alleviate excess read traffic.

D. Add read replicas to offload some read traffic.

Answer: iOS – Android

Notes: Amazon RDS Read Replicas for MySQL and MariaDB now support Multi-AZ deployments. Combining Read Replicas with Multi-AZ enables you to build a resilient disaster recovery strategy and simplify your database engine upgrade process. Amazon RDS Read Replicas enable you to create one or more read-only copies of your database instance within the same AWS Region or in a different AWS Region. Updates made to the source database are then asynchronously copied to your Read Replicas. In addition to providing scalability for read-heavy workloads, Read Replicas can be promoted to become a standalone database instance when needed.

References: Amazon RDS Read Replicas

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q50: A gaming company is designing several new games which focus heavily on player-game interaction. The player makes a certain move and the game has to react very quickly to change the environment based on that move and to present the next decision for the player in real-time. A tool is needed to continuously collect data about player-game interactions and feed the data into the gaming platform in real-time. Which AWS service can best meet this need?

A. AWS Lambda

B. Kinesis Data Streams

C. Kinesis Data Analytics

D. AWS IoT

Answers: B

Notes: Kinesis Data Streams can be used to continuously collect data about player-game interactions and feed the data into your gaming platform. With Kinesis Data Streams, you can design a game that provides engaging and dynamic experiences based on players’ actions and behaviors.

References: Kinesis Data Streams

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q51: You are designing an architecture for a financial company which provides a day trading application to customers. After viewing the traffic patterns for the existing application you notice that traffic is fairly steady throughout the day, with the exception of large spikes at the opening of the market in the morning and at closing around 3 pm. Your architecture will include an Auto Scaling Group of EC2 instances. How can you configure the Auto Scaling Group to ensure that system performance meets the increased demands at opening and closing of the market?

A. Configure a Dynamic Scaling Policy to scale based on CPU Utilization.

B. Use a load balancer to ensure that the load is distributed evenly during high-traffic periods.

C. Configure your Auto Scaling Group to have a desired size which will be able to meet the demands of the high-traffic periods.

D. Use a predictive scaling policy on the Auto Scaling Group to meet opening and closing spikes.

Answer: iOS – Android

Notes: Use a predictive scaling policy on the Auto Scaling Group to meet opening and closing spikes: Using data collected from your actual EC2 usage and further informed by billions of data points drawn from our own observations, we use well-trained Machine Learning models to predict your expected traffic (and EC2 usage) including daily and weekly patterns. The model needs at least one day’s of historical data to start making predictions; it is re-evaluated every 24 hours to create a forecast for the next 48 hours. What we can gather from the question is that the spikes at the beginning and end of day can potentially affect performance. Sure, we can use dynamic scaling, but remember, scaling up takes a little bit of time. We have the information to be proactive, use predictive scaling, and be ready for these spikes at opening and closing.

References: predictive scaling policy on the Auto Scaling Group

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q52: A software gaming company has produced an online racing game which uses CloudFront for fast delivery to worldwide users. The game also uses DynamoDB for storing in-game and historical user data. The DynamoDB table has a preconfigured read and write capacity. Users have been reporting slow down issues, and an analysis has revealed that the DynamoDB table has begun throttling during peak traffic times. Which step can you take to improve game performance?

A. Add a load balancer in front of the web servers.

B. Add ElastiCache to cache frequently accessed data in memory.

C. Add an SQS Queue to queue requests which could be lost.

D. Make sure DynamoDB Auto Scaling is turned on.

Answers: D

Notes: Amazon DynamoDB auto scaling uses the AWS Application Auto Scaling service to dynamically adjust provisioned throughput capacity on your behalf, in response to actual traffic patterns. This enables a table or a global secondary index to increase its provisioned read and write capacity to handle sudden increases in traffic, without throttling. When the workload decreases, Application Auto Scaling decreases the throughput so that you don't pay for unused provisioned capacity. Note that if you use the AWS Management Console to create a table or a global secondary index, DynamoDB auto scaling is enabled by default. You can modify your auto scaling settings at any time.

References: DynamoDB AutoScaling

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q53: You have configured an Auto Scaling Group of EC2 instances. You have begun testing the scaling of the Auto Scaling Group using a stress tool to force the CPU utilization metric being used to force scale out actions. The stress tool is also being manipulated by removing stress to force a scale in. But you notice that these actions are only taking place in five-minute intervals. What is happening?

A. Auto Scaling Groups can only scale in intervals of five minutes or greater.

B. The Auto Scaling Group is following the default cooldown procedure.

C. A load balancer is managing the load and limiting the effectiveness of stressing the servers.

D. The stress tool is configured to run for five minutes.

Answer: iOS – Android

Notes: The cooldown period helps you prevent your Auto Scaling group from launching or terminating additional instances before the effects of previous activities are visible. You can configure the length of time based on your instance startup time or other application needs. When you use simple scaling, after the Auto Scaling group scales using a simple scaling policy, it waits for a cooldown period to complete before any further scaling activities due to simple scaling policies can start. An adequate cooldown period helps to prevent the initiation of an additional scaling activity based on stale metrics. By default, all simple scaling policies use the default cooldown period associated with your Auto Scaling Group, but you can configure a different cooldown period for certain policies, as described in the following sections. Note that Amazon EC2 Auto Scaling honors cooldown periods when using simple scaling policies, but not when using other scaling policies or scheduled scaling. A default cooldown period automatically applies to any scaling activities for simple scaling policies, and you can optionally request to have it apply to your manual scaling activities. When you use the AWS Management Console to update an Auto Scaling Group, or when you use the AWS CLI or an AWS SDK to create or update an Auto Scaling Group, you can set the optional default cooldown parameter. If a value for the default cooldown period is not provided, its default value is 300 seconds.

References: EC2 AutoScaling cooldown

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q54: A team of architects is designing a new AWS environment for a company which wants to migrate to the Cloud. The architects are considering the use of EC2 instances with instance store volumes. The architects realize that the data on the instance store volumes are ephemeral. Which action will not cause the data to be deleted on an instance store volume?

A. Reboot

B. The underlying disk drive fails.

C. Hardware disk failure.

D. Instance is stopped

Answers: A

Notes: Some Amazon Elastic Compute Cloud (Amazon EC2) instance types come with a form of directly attached, block-device storage known as the instance store. The instance store is ideal for temporary storage, because the data stored in instance store volumes is not persistent through instance stops, terminations, or hardware failures.

References: Instance store vs EBS – EC2 instance storage user guide

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q55: You work for an advertising company that has a real-time bidding application. You are also using CloudFront on the front end to accommodate a worldwide user base. Your users begin complaining about response times and pauses in real-time bidding. Which service can be used to reduce DynamoDB response times by an order of magnitude (milliseconds to microseconds)?

A. DAX

B. DynamoDB Auto Scaling

C. Elasticache

D. CloudFront Edge Caches

Answers: A

Notes: Amazon DynamoDB Accelerator (DAX) is a fully managed, highly available, in-memory cache that can reduce Amazon DynamoDB response times from milliseconds to microseconds, even at millions of requests per second. While DynamoDB offers consistent single-digit millisecond latency, DynamoDB with DAX takes performance to the next level with response times in microseconds for millions of requests per second for read-heavy workloads. With DAX, your applications remain fast and responsive, even when a popular event or news story drives unprecedented request volumes your way. No tuning required.

References:

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q56: A travel company has deployed a website which serves travel updates to users all over the world. The traffic this database serves is very read heavy and can have some latency issues at certain times of the year. What can you do to alleviate these latency issues?

A. Place CloudFront in front of the Database.

B. Add read replicas

C. Configure RDS Multi-AZ

D. Configure multi-Region RDS

Answer: iOS – Android

Notes: Amazon RDS Read Replicas provide enhanced performance and durability for RDS database (DB) instances. They make it easy to elastically scale out beyond the capacity constraints of a single DB instance for read-heavy database workloads. You can create one or more replicas of a given source DB Instance and serve high-volume application read traffic from multiple copies of your data, thereby increasing aggregate read throughput. Read replicas can also be promoted when needed to become standalone DB instances. Read replicas are available in Amazon RDS for MySQL, MariaDB, PostgreSQL, Oracle, and SQL Server as well as Amazon Aurora.

References: Amazon RDS Read Replicas

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q57: A large financial institution is gradually moving their infrastructure and applications to AWS. The company has data needs that will utilize all of RDS, DynamoDB, Redshift, and ElastiCache. Which description best describes Amazon Redshift?

A. Key-value and document database that delivers single-digit millisecond performance at any scale.

B. Cloud-based relational database.

C. Can be used to significantly improve latency and throughput for many read-heavy application workloads.

D. Near real-time complex querying on massive data sets.

Answers: D

Notes: Amazon Redshift is a fast, fully-managed cloud data warehouse that makes it simple and cost-effective to analyze all your data using standard SQL and your existing Business Intelligence (BI) tools. It allows you to run complex analytic queries against terabytes to petabytes of structured data, using sophisticated query optimization, columnar storage on high-performance storage, and massively parallel query execution. Most results come back in seconds. With Redshift, you can start small for just $0.25 per hour with no commitments and scale out to petabytes of data for $1,000 per terabyte per year, less than a tenth the cost of traditional on-premises solutions. Amazon Redshift also includes Amazon Redshift Spectrum, allowing you to run SQL queries directly against exabytes of unstructured data in Amazon S3 data lakes. No loading or transformation is required, and you can use open data formats, including Avro, CSV, Grok, Amazon Ion, JSON, ORC, Parquet, RCFile, RegexSerDe, Sequence, Text, and TSV. Redshift Spectrum automatically scales query compute capacity based on the data retrieved, so queries against Amazon S3 run fast, regardless of data set size.

References: Redshift

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q58: You are designing an architecture which will house an Auto Scaling Group of EC2 instances. The application hosted on the instances is expected to be an extremely popular social networking site. Forecasts for traffic to this site expect very high traffic and you will need a load balancer to handle tens of millions of requests per second while maintaining high throughput at ultra low latency. You need to select the type of load balancer to front your Auto Scaling Group to meet this high traffic requirement. Which load balancer will you select?

A. You will need an Application Load Balancer to meet this requirement.

B. All the AWS load balancers meet the requirement and perform the same.

C. You will select a Network Load Balancer to meet this requirement.

D. You will need a Classic Load Balancer to meet this requirement.

Answers: C

Notes: Network Load Balancer Overview: A Network Load Balancer functions at the fourth layer of the Open Systems Interconnection (OSI) model. It can handle millions of requests per second. After the load balancer receives a connection request, it selects a target from the target group for the default rule. It attempts to open a TCP connection to the selected target on the port specified in the listener configuration. When you enable an Availability Zone for the load balancer, Elastic Load Balancing creates a load balancer node in the Availability Zone. By default, each load balancer node distributes traffic across the registered targets in its Availability Zone only. If you enable cross-zone load balancing, each load balancer node distributes traffic across the registered targets in all enabled Availability Zones. It is designed to handle tens of millions of requests per second while maintaining high throughput at ultra low latency, with no effort on your part. The Network Load Balancer is API-compatible with the Application Load Balancer, including full programmatic control of Target Groups and Targets. Here are some of the most important features:

  • Static IP Addresses – Each Network Load Balancer provides a single IP address for each Availability Zone in its purview. If you have targets in us-west-2a and other targets in us-west-2c, NLB will create and manage two IP addresses (one per AZ); connections to that IP address will spread traffic across the instances in all the VPC subnets in the AZ. You can also specify an existing Elastic IP for each AZ for even greater control. With full control over your IP addresses, a Network Load Balancer can be used in situations where IP addresses need to be hard-coded into DNS records, customer firewall rules, and so forth.
  • Zonality – The IP-per-AZ feature reduces latency with improved performance, improves availability through isolation and fault tolerance, and makes the use of Network Load Balancers transparent to your client applications. Network Load Balancers also attempt to route a series of requests from a particular source to targets in a single AZ while still providing automatic failover should those targets become unavailable.
  • Source Address Preservation – With Network Load Balancer, the original source IP address and source ports for the incoming connections remain unmodified, so application software need not support X-Forwarded-For, proxy protocol, or other workarounds. This also means that normal firewall rules, including VPC Security Groups, can be used on targets.
  • Long-running Connections – NLB handles connections with built-in fault tolerance, and can handle connections that are open for months or years, making them a great fit for IoT, gaming, and messaging applications.
  • Failover – Powered by Route 53 health checks, NLB supports failover between IP addresses within and across regions.

References: Network Load Balancer

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q59: An organization of about 100 employees has performed the initial setup of users in IAM. All users except administrators have the same basic privileges. But now it has been determined that 50 employees will have extra restrictions on EC2. They will be unable to launch new instances or alter the state of existing instances. What will be the quickest way to implement these restrictions?

A. Create an IAM Role for the restrictions. Attach it to the EC2 instances.

B. Create the appropriate policy. Place the restricted users in the new policy.

C. Create the appropriate policy. With only 20 users, attach the policy to each user.

D. Create the appropriate policy. Create a new group for the restricted users. Place the restricted users in the new group and attach the policy to the group.

Answer: iOS – Android

Notes: You manage access in AWS by creating policies and attaching them to IAM identities (users, groups of users, or roles) or AWS resources. A policy is an object in AWS that, when associated with an identity or resource, defines their permissions. AWS evaluates these policies when an IAM principal (user or role) makes a request. Permissions in the policies determine whether the request is allowed or denied. Most policies are stored in AWS as JSON documents. AWS supports six types of policies: identity-based policies, resource-based policies, permissions boundaries, Organizations SCPs, ACLs, and session policies. IAM policies define permissions for an action regardless of the method that you use to perform the operation. For example, if a policy allows the GetUser action, then a user with that policy can get user information from the AWS Management Console, the AWS CLI, or the AWS API. When you create an IAM user, you can choose to allow console or programmatic access. If console access is allowed, the IAM user can sign in to the console using a user name and password. Or if programmatic access is allowed, the user can use access keys to work with the CLI or API.

References: IAM Access Policy

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Q60: You are managing S3 buckets in your organization. This management of S3 extends to Amazon Glacier. For auditing purposes you would like to be informed if an object is restored to S3 from Glacier. What is the most efficient way you can do this?

A. Create a CloudWatch event for uploads to S3

B. Create an SNS notification for any upload to S3.

C. Configure S3 notifications for restore operations from Glacier.

D. Create a Lambda function which is triggered by restoration of object from Glacier to S3.

Answers: C

Notes: The Amazon S3 notification feature enables you to receive notifications when certain events happen in your bucket. To enable notifications, you must first add a notification configuration that identifies the events you want Amazon S3 to publish and the destinations where you want Amazon S3 to send the notifications. An S3 notification can be set up to notify you when objects are restored from Glacier to S3.

References: S3 notifications

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q61: Your company has gotten back results from an audit. One of the mandates from the audit is that your application, which is hosted on EC2, must encrypt the data before writing this data to storage. Which service could you use to meet this requirement?

A. AWS Cloud HSM

B. Security Token Service

C. EBS encryption

D. AWS KMS

Answers: D

Notes: You can configure your application to use the KMS API to encrypt all data before saving it to disk. This link details how to choose an encryption service for various use cases:

References: AWS KMS

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q62: Recent worldwide events have dictated that you perform your duties as a Solutions Architect from home. You need to be able to manage several EC2 instances while working from home and have been testing the ability to ssh into these instances. One instance in particular has been a problem and you cannot ssh into this instance. What should you check first to troubleshoot this issue?

A. Make sure that the security group for the instance has ingress on port 80 from your home IP address.

B. Make sure that your VPC has a connected Virtual Private Gateway.

C. Make sure that the security group for the instance has ingress on port 22 from your home IP address.

D. Make sure that the Security Group for the instance has ingress on port 443 from your home IP address.

Answer: iOS – Android

Notes: The rules of a security group control the inbound traffic that's allowed to reach the instances that are associated with the security group. The rules also control the outbound traffic that's allowed to leave them. The following are the characteristics of security group rules:

  • By default, security groups allow all outbound traffic.
  • Security group rules are always permissive; you can't create rules that deny access.
  • Security groups are stateful. If you send a request from your instance, the response traffic for that request is allowed to flow in regardless of inbound security group rules. For VPC security groups, this also means that responses to allowed inbound traffic are allowed to flow out, regardless of outbound rules. For more information, see Connection tracking.
  • You can add and remove rules at any time. Your changes are automatically applied to the instances that are associated with the security group. The effect of some rule changes can depend on how the traffic is tracked. For more information, see Connection tracking. When you associate multiple security groups with an instance, the rules from each security group are effectively aggregated to create one set of rules. Amazon EC2 uses this set of rules to determine whether to allow access. You can assign multiple security groups to an instance. Therefore, an instance can have hundreds of rules that apply. This might cause problems when you access the instance. We recommend that you condense your rules as much as possible.

References: Security Groups Rules

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q62: A consultant is hired by a small company to configure an AWS environment. The consultant begins working with the VPC and launching EC2 instances within the VPC. The initial instances will be placed in a public subnet. The consultant begins to create security groups. What is true of the default security group?

A. You can delete this group, however, you can’t change the group’s rules.

B. You can delete this group or you can change the group’s rules.

C. You can’t delete this group, nor can you change the group’s rules.

D. You can’t delete this group, however, you can change the group’s rules.

Answers: D

Notes: Your VPC includes a default security group. You can't delete this group, however, you can change the group's rules. The procedure is the same as modifying any other security group. For more information, see Adding, removing, and updating rules.

References: VPC Security Groups

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q63: You are evaluating the security setting within the main company VPC. There are several NACLs and security groups to evaluate and possibly edit. What is true regarding NACLs and security groups?

A. Network ACLs and security groups are both stateful.

B. Network ACLs and security groups are both stateless.

C. Network ACLs are stateless, and security groups are stateful.

D. Network ACLs and stateful, and security groups are stateless.

Answer: iOS – Android

Notes: Network ACLs are stateless, which means that responses to allowed inbound traffic are subject to the rules for outbound traffic (and vice versa).

The following are the basic characteristics of security groups for your VPC:

  • There are quotas on the number of security groups that you can create per VPC, the number of rules that you can add to each security group, and the number of security groups that you can associate with a network interface. For more information, see Amazon VPC quotas.
  • You can specify allow rules, but not deny rules.
  • You can specify separate rules for inbound and outbound traffic.
  • When you create a security group, it has no inbound rules. Therefore, no inbound traffic originating from another host to your instance is allowed until you add inbound rules to the security group.
  • By default, a security group includes an outbound rule that allows all outbound traffic. You can remove the rule and add outbound rules that allow specific outbound traffic only. If your security group has no outbound rules, no outbound traffic originating from your instance is allowed.
  • Security groups are stateful. If you send a request from your instance, the response traffic for that request is allowed to flow in regardless of inbound security group rules. Responses to allowed inbound traffic are allowed to flow out, regardless of outbound rules.
  • References: VPC Security Groups – NACL

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q64: Your company needs to deploy an application in the company AWS account. The application will reside on EC2 instances in an Auto Scaling Group fronted by an Application Load Balancer. The company has been using Elastic Beanstalk to deploy the application due to limited AWS experience within the organization. The application now needs upgrades and a small team of subcontractors have been hired to perform these upgrades. What can be used to provide the subcontractors with short-lived access tokens that act as temporary security credentials to the company AWS account?

A. IAM Roles

B. AWS STS

C. IAM user accounts

D. AWS SSO

Answers: B

Notes: AWS Security Token Service (AWS STS) is the service that you can use to create and provide trusted users with temporary security credentials that can control access to your AWS resources. Temporary security credentials work almost identically to the long-term access key credentials that your IAM users can use. You can use the AWS Security Token Service (AWS STS) to create and provide trusted users with temporary security credentials that can control access to your AWS resources. Temporary security credentials work almost identically to the long-term access key credentials that your IAM users can use, with the following differences: Temporary security credentials are short-term, as the name implies. They can be configured to last for anywhere from a few minutes to several hours. After the credentials expire, AWS no longer recognizes them or allows any kind of access from API requests made with them. Temporary security credentials are not stored with the user but are generated dynamically and provided to the user when requested. When (or even before) the temporary security credentials expire, the user can request new credentials, as long as the user requesting them still has permissions to do so.

References: AWS STS

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Q65: The company you work for has reshuffled teams a bit and you’ve been moved from the AWS IAM team to the AWS Network team. One of your first assignments is to review the subnets in the main VPCs. What are two key concepts regarding subnets?

A. A subnet spans all the Availability Zones in a Region.

B. Private subnets can only hold database.

C. Each subnet maps to a single Availability Zone.

D. Every subnet you create is associated with the main route table for the VPC.

E. Each subnet is associated with one security group.

Answer: iOS – Android

Notes: A VPC spans all the Availability Zones in the region. After creating a VPC, you can add one or more subnets in each Availability Zone. When you create a subnet, you specify the CIDR block for the subnet, which is a subset of the VPC CIDR block. Each subnet must reside entirely within one Availability Zone and cannot span zones. Availability Zones are distinct locations that are engineered to be isolated from failures in other Availability Zones. By launching instances in separate Availability Zones, you can protect your applications from the failure of a single location. A VPC spans all of the Availability Zones in the Region. After creating a VPC, you can add one or more subnets in each Availability Zone. You can optionally add subnets in a Local Zone, which is an AWS infrastructure deployment that places compute, storage, database, and other select services closer to your end users. A Local Zone enables your end users to run applications that require single-digit millisecond latencies. For information about the Regions that support Local Zones, see Available Regions in the Amazon EC2 User Guide for Linux Instances. When you create a subnet, you specify the CIDR block for the subnet, which is a subset of the VPC CIDR block. We assign a unique ID to each subnet.

References: VPC Subnets

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot

Bonus1:You have been evaluating the NACLS in your company. Most of the NACLs are configured the same: 100 All Traffic Allow 200 All Traffic Deny ‘*’ All Traffic Deny If a request comes in, how will it be evaluated?

A. The default will deny traffic.

B. The request will be allowed.

C. The highest numbered rule will be used, a deny.

D. All rules will be evaluated and the end result will be Deny.

Answer: B

Notes: Rules are evaluated starting with the lowest numbered rule. As soon as a rule matches traffic, it's applied immediately regardless of any higher-numbered rule that may contradict it. The following are the basic things that you need to know about network ACLs: Your VPC automatically comes with a modifiable default network ACL. By default, it allows all inbound and outbound IPv4 traffic and, if applicable, IPv6 traffic. You can create a custom network ACL and associate it with a subnet. By default, each custom network ACL denies all inbound and outbound traffic until you add rules. Each subnet in your VPC must be associated with a network ACL. If you don't explicitly associate a subnet with a network ACL, the subnet is automatically associated with the default network ACL. You can associate a network ACL with multiple subnets. However, a subnet can be associated with only one network ACL at a time. When you associate a network ACL with a subnet, the previous association is removed. A network ACL contains a numbered list of rules. We evaluate the rules in order, starting with the lowest-numbered rule, to determine whether traffic is allowed in or out of any subnet associated with the network ACL. The highest number that you can use for a rule is 32766. We recommend that you start by creating rules in increments (for example, increments of 10 or 100) so that you can insert new rules where you need to later on. A network ACL has separate inbound and outbound rules, and each rule can either allow or deny traffic. Network ACLs are stateless, which means that responses to allowed inbound traffic are subject to the rules for outbound traffic (and vice versa).

References: network ACL

Bonus2: You have been given an assignment to configure Network ACLs in your VPC. Before configuring the NACLs, you need to understand how the NACLs are evaluated. How are NACL rules evaluated?

A. NACL rules are evaluated by rule number from lowest to highest and executed immediately when a matching rule is found.

B. NACL rules are evaluated by rule number from highest to lowest, and executed immediately when a matching rule is found.

C. All NACL rules that you configure are evaluated before traffic is passed through.

D. NACL rules are evaluated by rule number from highest to lowest, and all are evaluated before traffic is passed through.

Answer: A

Notes: NACL rules are evaluated by rule number from lowest to highest and executed immediately when a matching rule is found.

You can add or remove rules from the default network ACL, or create additional network ACLs for your VPC. When you add or remove rules from a network ACL, the changes are automatically applied to the subnets that it's associated with. A network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. You might set up network ACLs with rules similar to your security groups in order to add an additional layer of security to your VPC. The following are the parts of a network ACL rule:

  • Rule number. Rules are evaluated starting with the lowest-numbered rule. As soon as a rule matches traffic, it's applied regardless of any higher-numbered rule that might contradict it.
  • Type. The type of traffic, for example, SSH. You can also specify all traffic or a custom range.
  • Protocol. You can specify any protocol that has a standard protocol number. For more information, see Protocol Numbers. If you specify ICMP as the protocol, you can specify any or all of the ICMP types and codes.
  • Port range. The listening port or port range for the traffic. For example, 80 for HTTP traffic.
  • Source. [Inbound rules only] The source of the traffic (CIDR range).
  • Destination. [Outbound rules only] The destination for the traffic (CIDR range).
  • Allow/Deny. Whether to allow or deny the specified traffic.
  • Reference: NACL Rules

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Bonus3: Your company has gone through an audit with a focus on data storage. You are currently storing historical data in Amazon Glacier. One of the results of the audit is that a portion of the infrequently-accessed historical data must be able to be accessed immediately upon request. Where can you store this data to meet this requirement?

A. S3 Standard

B. Leave infrequently-accessed data in Glacier.

C. S3 Standard-IA

D. Store the data in EBS

Answer: C

Notes: S3 Standard-IA is for data that is accessed less frequently, but requires rapid access when needed. S3 Standard-IA offers the high durability, high throughput, and low latency of S3 Standard, with a low-per-GB storage price and per GB retrieval fee. This combination of low cost and high performance make S3 Standard-IA ideal for long-term storage, backups, and as a data store for disaster recovery files. S3 Storage Classes can be configured at the object level and a single bucket can contain objects stored across S3 Standard, S3 Intelligent-Tiering, S3 Standard-IA, and S3 One Zone-IA. You can also use S3 Lifecycle policies to automatically transition objects between storage classes without any application changes.

Reference: S3 Standard-IA

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Bonus4: After an IT Steering Committee meeting, you have been put in charge of configuring a hybrid environment for the company’s compute resources. You weigh the pros and cons of various technologies, such as VPN and Direct Connect, and based on the requirements you have decided to configure a VPN connection. What features and advantages can a VPN connection provide?

A VPN  provides a connection between an on-premises network and a VPC, using a secure and private connection with IPsec and TLS.

A VPC/VPN Connection utilizes IPSec to establish encrypted network connectivity between your intranet and Amazon VPC over the Internet. VPN Connections can be configured in minutes and are a good solution if you have an immediate need, have low-to-modest bandwidth requirements, and can tolerate the inherent variability in Internet-based connectivity.

AWS Client VPN is a managed client-based VPN service that enables you to securely access your AWS resources or your on-premises network. With AWS Client VPN, you configure an endpoint to which your users can connect to establish a secure TLS VPN session. This enables clients to access resources in AWS or on-premises from any location using an OpenVPN-based VPN client.

You can create an IPsec VPN connection between your VPC and your remote network. On the AWS side of the Site-to-Site VPN connection, a virtual private gateway or transit gateway provides two VPN endpoints (tunnels) for automatic failover. You configure your customer gateway device on the remote side of the Site-to-Site VPN connection.

https://docs.aws.amazon.com/vpc/latest/userguide/vpn-connections.html

Bonus5: Your company has decided to go to a hybrid cloud environment. Part of this effort will be to move a large data warehouse to the cloud. The warehouse is 50TB, and will take over a month to migrate given the current bandwidth available. What is the best option available to perform this migration considering both cost and performance aspects?

AWS Snowball Edge.

The AWS Snowball Edge is a type of Snowball device with on-board storage and compute power for select AWS capabilities. Snowball Edge can undertake local processing and edge-computing workloads in addition to transferring data between your local environment and the AWS Cloud.

Each Snowball Edge device can transport data at speeds faster than the internet. This transport is done by shipping the data in the appliances through a regional carrier. The appliances are rugged shipping containers, complete with E Ink shipping labels. The AWS Snowball Edge device differs from the standard Snowball because it can bring the power of the AWS Cloud to your on-premises location, with local storage and compute functionality.

Snowball Edge devices have three options for device configurations: storage optimized, compute optimized, and with GPU. When this guide refers to Snowball Edge devices, it's referring to all options of the device. Whenever specific information applies to only one or more optional configurations of devices, like how the Snowball Edge with GPU has an on-board GPU, it will be called out. For more information, see Snowball Edge Device Options.  

Bonus6: You have been assigned the review of the security in your company AWS cloud environment. Your final deliverable will be a report detailing potential security issues. One of the first things that you need to describe is the responsibilities of the company under the shared responsibility module. Which measure is the customer’s responsibility?

EC2 instance OS Patching

Notes: Security and compliance is a shared responsibility between AWS and the customer. This shared model can help relieve the customer’s operational burden as AWS operates, manages, and controls the components from the host operating system and virtualization layer down to the physical security of the facilities in which the service operates. The customer assumes responsibility for, and management of, the guest operating system (including updates and security patches), other associated application software, and the configuration of the AWS provided security group firewall. Customers should carefully consider the services they choose, as their responsibilities vary depending on the services used, the integration of those services into their IT environment, and applicable laws and regulations. The nature of this shared responsibility also provides the flexibility and customer control that permits the deployment. As shown in the chart below, this differentiation of responsibility is commonly referred to as Security “of” the Cloud versus Security “in” the Cloud.

Customers that deploy an Amazon EC2 instance are responsible for management of the guest operating system (including updates and security patches), any application software or utilities installed by the customer on the instances, and the configuration of the AWS-provided firewall (called a security group) on each instance.

 

AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

What are the 5 pillars of a well architected framework:
1. Operational Excellence
The operational excellence pillar includes the ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures. You can find prescriptive guidance on implementation in the Operational Excellence Pillar whitepaper.

2. Security
The security pillar includes the ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies. You can find prescriptive guidance on implementation in the Security Pillar whitepaper.
 

3. Reliability
The reliability pillar includes the ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues. You can find prescriptive guidance on implementation in the Reliability Pillar whitepaper.

4. Performance Efficiency
The performance efficiency pillar includes the ability to use computing resources efficiently to meet system requirements and to maintain that efficiency as demand changes and technologies evolve. You can find prescriptive guidance on implementation in the Performance Efficiency Pillar whitepaper.

5. Cost Optimization
The cost optimization pillar includes the ability to avoid or eliminate unneeded cost or suboptimal resources. You can find prescriptive guidance on implementation in the Cost Optimization Pillar whitepaper.

The AWS Well-Architected Framework provides architectural best practices across the five pillars for designing and operating reliable, secure, efficient, and cost-effective systems in the cloud.
The framework provides a set of questions that allows you to review an existing or proposed architecture. It also provides a set of AWS best practices for each pillar.
Using the Framework in your architecture helps you produce stable and efficient systems, which allows you to focus on functional requirements.

 

Other AWS Facts and Summaries and Questions/Answers Dump

  • AWS Certified Solution Architect Associate Exam Prep App
  • AWS S3 facts and summaries and Q&A Dump
  • AWS DynamoDB facts and summaries and Questions and Answers Dump
  • AWS EC2 facts and summaries and Questions and Answers Dump
  • AWS Serverless facts and summaries and Questions and Answers Dump
  • AWS Developer and Deployment Theory facts and summaries and Questions and Answers Dump
  • AWS IAM facts and summaries and Questions and Answers Dump
  • AWS Lambda facts and summaries and Questions and Answers Dump
  • AWS SQS facts and summaries and Questions and Answers Dump
  • AWS RDS facts and summaries and Questions and Answers Dump
  • AWS ECS facts and summaries and Questions and Answers Dump
  • AWS CloudWatch facts and summaries and Questions and Answers Dump
  • AWS SES facts and summaries and Questions and Answers Dump
  • AWS EBS facts and summaries and Questions and Answers Dump
  • AWS ELB facts and summaries and Questions and Answers Dump
  • AWS Autoscaling facts and summaries and Questions and Answers Dump
  • AWS VPC facts and summaries and Questions and Answers Dump
  • AWS KMS facts and summaries and Questions and Answers Dump
  • AWS Elastic Beanstalk facts and summaries and Questions and Answers Dump
  • AWS CodeBuild facts and summaries and Questions and Answers Dump
  • AWS CodeDeploy facts and summaries and Questions and Answers Dump
  • AWS CodePipeline facts and summaries and Questions and Answers Dump

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot


AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

What means undifferentiated heavy lifting?

The reality, of course, today is that if you come up with a great idea you don’t get to go quickly to a successful product. There’s a lot of undifferentiated heavy lifting that stands between your idea and that success. The kinds of things that I’m talking about when I say undifferentiated heavy lifting are things like these: figuring out which servers to buy, how many of them to buy, what time line to buy them.

Eventually you end up with heterogeneous hardware and you have to match that. You have to think about backup scenarios if you lose your data center or lose connectivity to a data center. Eventually you have to move facilities. There’s negotiations to be done. It’s a very complex set of activities that really is a big driver of ultimate success.

But they are undifferentiated from, it’s not the heart of, your idea. We call this muck. And it gets worse because what really happens is you don’t have to do this one time. You have to drive this loop. After you get your first version of your idea out into the marketplace, you’ve done all that undifferentiated heavy lifting, you find out that you have to cycle back. Change your idea. The winners are the ones that can cycle this loop the fastest.

On every cycle of this loop you have this undifferentiated heavy lifting, or muck, that you have to contend with. I believe that for most companies, and it’s certainly true at Amazon, that 70% of your time, energy, and dollars go into the undifferentiated heavy lifting and only 30% of your energy, time, and dollars gets to go into the core kernel of your idea.

I think what people are excited about is that they’re going to get a chance they see a future where they may be able to invert those two. Where they may be able to spend 70% of their time, energy and dollars on the differentiated part of what they’re doing.

— Jeff Bezos, 2006

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot


AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

AWS Certified Solutions Architect Associates Questions and Answers around the web.
 
1- How did you prepare for AWS Certified Solutions Architect – Associate Level certification?
 

Practical knowledge is 30% important and rest is Jayendra blog and Dumps.

Buying udemy courses doesn’t make you pass, I can tell surely without going to dumps and without going to jayendra’s blog not easy to clear the certification.

Read FAQs of S3, IAM, EC2, VPC, SQS, Autoscaling, Elastic Load Balancer, EBS, RDS, Lambda, API Gateway, ECS.

Read the Security Whitepaper and Shared Responsibility model.

The most important thing is basic questions from the last introduced topics to the exam is very important like Amazon Kinesis, etc…

– ACloudGuru course with practice test’s

– Created my own cheat sheet in excel

– Practice questions on various website

– Few AWS services FAQ’s

Exam feedback:

– Some questions were your understanding about which service to pick for the use case.

– many questions on VPC

– a couple of unexpected question on AWS CloudHSM, AWS systems manager, aws athena

– encryption at rest and in transit services

– migration from on-premise to AWS

– backup data in az vs regional

I believe the time was sufficient.

Overall I feel AWS SAA was more challenging in theory than GCP Associate CE.

some resources I bookmarked:

  • Comparison of AWS Services
  • Solutions Architect – Associate | Qwiklabs
  • okeeffed/cheat-sheets
  • A curated list of AWS resources to prepare for the AWS Certifications
  • AWS Cheat Sheet

Whitepapers are the important information about each services that are published by Amazon in their website. If you are preparing for the AWS certifications, it is very important to use the some of the most recommended whitepapers to read before writing the exam.

The following are the list of whitepapers that are useful for preparing solutions architect exam. Also you will be able to find the list of whitepapers in the exam blueprint.

  • Overview of Security Processes
  • Storage Options in the Cloud
  • Defining Fault Tolerant Applications in the AWS Cloud
  • Overview of Amazon Web Services
  • Compliance Whitepaper
  • Architecting for the AWS Cloud

Data Security questions could be the more challenging and it’s worth noting that you need to have a good understanding of security processes described in the whitepaper titled “Overview of Security Processes”.

In the above list, most important whitepapers are Overview of Security Processes and Storage Options in the Cloud. Read more here…

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot


AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

2- How do DynamoDB indices work?

What is Amazon DynamoDB?

Amazon DynamoDB is a fast, fully managed NoSQL database service. DynamoDB makes it simple and cost-effective to store and retrieve any amount of data and serve any level of request traffic.

DynamoDB is used to create tables that store and retrieve any level of data.

  • DynamoDB uses SSD’s to store data.
  • Provides Automatic and synchronous data.
  • Maximum item size is 400KB
  • Supports cross-region replication.

DynamoDB Core Concepts:

  • The fundamental concepts around DynamoDB are:
    • Tables-which is a collection of data.
    • Items- They are the individual entries in the table.
    • Attributes- These are the properties associated with the entries.
  • Primary Keys.
  • Secondary Indexes.
  • DynamoDB streams.

Secondary Indexes:

  • The Secondary index is a data structure that contains a subset of attributes from the table, along with an alternate key that supports Query operations.
  • Every secondary index is related to only one table, from where it obtains data. This is called base table of the index.
  • When you create an index you create an alternate key for the index i.e. Partition Key and Sort key, DynamoDB creates a copy of the attributes into the index, including primary key attributes derived from the table.
  • After this is done, you use the query/scan in the same way as you would use a query on a table.

Every secondary index is instinctively maintained by DynamoDB.

DynamoDB Indexes: DynamoDB supports two indexes:

  1. Local Secondary Index (LSI)- The index has the same partition key as the base table but a different sort key,
  2. Global Secondary index (GSI)- The index has a partition key and sort key are different from those on the base table.

While creating more than one table using secondary table , you must do it in a sequence. Create table one after the another. When you create the first table wait for it to be active.

Once that table is active, create another table and wait for it to get active and so on. If you try to create one or more tables continuously DynamoDB will return a LimitExceededException.

You must specify the following, for every secondary index:

  • Type- You must mention the type of index you are creating whether it is a Global Secondary Index or a Local Secondary index.
  • Name- You must specify the name for the index. The rules for naming the indexes are the same as that for the table it is connected with. You can use the same name for the indexes that are connected with the different base table.
  • Key- The key schema for the index states that every attribute in the index must be of the top level attribute of type-string, number, or binary. Other data types which include documents and sets are not allowed. Other requirements depend on the type of index you choose.
    • For GSI- The partitions key can be any scalar attribute of the base table.

Sort key is optional and this too can be any scalar attribute of the base table.

  • For LSI- The partition key must be the same as the base table’s partition key.

The sort key must be a non-key table attribute.

  • Additional Attributes: The additional attributes are in addition to the tables key attributes. They are automatically projected into every index. You can use attributes for any data type, including scalars, documents and sets.
  • Throughput: The throughput settings for the index if necessary are:
    • GSI: Specify read and write capacity unit settings. These provisioned throughput settings are not dependent on the base tables settings.
    • LSI- You do not need to specify read and write capacity unit settings. Any read and write operations on the local secondary index are drawn from the provisioned throughput settings of the base table.

You can create upto 5 Global and 5 Local Secondary Indexes per table. With the deletion of a table all the indexes are connected with the table are also deleted.

You can use the Scan or Query operation to fetch the data from the table. DynamoDB will give you the results in descending or ascending order.

(Source)

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot


AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

3- What is NLB in AWS?

An NLB is a Network Load Balancer.

Network Load Balancer Overview: A Network Load Balancer functions at the fourth layer of the Open Systems Interconnection (OSI) model. It can handle millions of requests per second. After the load balancer receives a connection request, it selects a target from the target group for the default rule. It attempts to open a TCP connection to the selected target on the port specified in the listener configuration. When you enable an Availability Zone for the load balancer, Elastic Load Balancing creates a load balancer node in the Availability Zone. By default, each load balancer node distributes traffic across the registered targets in its Availability Zone only. If you enable cross-zone load balancing, each load balancer node distributes traffic across the registered targets in all enabled Availability Zones. It is designed to handle tens of millions of requests per second while maintaining high throughput at ultra low latency, with no effort on your part. The Network Load Balancer is API-compatible with the Application Load Balancer, including full programmatic control of Target Groups and Targets. Here are some of the most important features:

  • Static IP Addresses – Each Network Load Balancer provides a single IP address for each Availability Zone in its purview. If you have targets in us-west-2a and other targets in us-west-2c, NLB will create and manage two IP addresses (one per AZ); connections to that IP address will spread traffic across the instances in all the VPC subnets in the AZ. You can also specify an existing Elastic IP for each AZ for even greater control. With full control over your IP addresses, a Network Load Balancer can be used in situations where IP addresses need to be hard-coded into DNS records, customer firewall rules, and so forth.
  • Zonality – The IP-per-AZ feature reduces latency with improved performance, improves availability through isolation and fault tolerance, and makes the use of Network Load Balancers transparent to your client applications. Network Load Balancers also attempt to route a series of requests from a particular source to targets in a single AZ while still providing automatic failover should those targets become unavailable.
  • Source Address Preservation – With Network Load Balancer, the original source IP address and source ports for the incoming connections remain unmodified, so application software need not support X-Forwarded-For, proxy protocol, or other workarounds. This also means that normal firewall rules, including VPC Security Groups, can be used on targets.
  • Long-running Connections – NLB handles connections with built-in fault tolerance, and can handle connections that are open for months or years, making them a great fit for IoT, gaming, and messaging applications.
  • Failover – Powered by Route 53 health checks, NLB supports failover between IP addresses within and across regions.

4- How many types of VPC endpoints are available?

There are two types of VPC endpoints: (1) interface endpoints and (2) gateway endpoints. Interface endpoints enable connectivity to services over AWS PrivateLink.

5- What is the purpose of key pair with Amazon AWS EC2?

Amazon AWS uses key pair to encrypt and decrypt login information.

A sender uses a public key to encrypt data, which its receiver then decrypts using another private key. These two keys, public and private, are known as a key pair.

You need a key pair to be able to connect to your instances. The way this works on Linux and Windows instances is different.

First, when you launch a new instance, you assign a key pair to it. Then, when you log in to it, you use the private key.

The difference between Linux and Windows instances is that Linux instances do not have a password already set and you must use the key pair to log in to Linux instances. On the other hand, on Windows instances, you need the key pair to decrypt the administrator password. Using the decrypted password, you can use RDP and then connect to your Windows instance.

Amazon EC2 stores only the public key, and you can either generate it inside Amazon EC2 or you can import it. Since the private key is not stored by Amazon, it’s advisable to store it in a secure place as anyone who has this private key can log in on your behalf.

6- What is VPC PrivateLink?
AWS PrivateLink provides private connectivity between VPCs and services hosted on AWS or on-premises, securely on the Amazon network. By providing a private endpoint to access your services, AWS PrivateLink ensures your traffic is not exposed to the public internet.
 

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot


AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

7- What is the difference between a VPC SG and an EC2 security group?

There are two types of Security Groups based on where you launch your instance. When you launch your instance on EC2-Classic, you have to specify an EC2-Classic Security Group . On the other hand, when you launch an instance in a VPC, you will have to specify an EC2-VPC Security Group. Now that we have a clear understanding what we are comparing, lets see their main differences:

EC2-Classic Security Group

  • When the instance is launched, you can only choose a Security Group that resides in the same region as the instance.
  • You cannot change the Security Group after the instance has launched (you may edit the rules)
  • They are not IPv6 Capable

EC2-VPC Security Group

  • You can change the Security Group after the instance has launched
  • They are IPv6 Capable

Generally speaking, they are not interchangeable and there are more capabilities on the EC2-VPC SGs. You may read more about them on Differences Between Security Groups for EC2-Classic and EC2-VPC

8- Why do AWS DynamoDB and S3 use gateway VPC endpoints rather than interface endpoints?

I think this is historical in nature. S3 and DynamoDB were the first services to support VPC endpoints. The release of those VPC endpoint features pre-dates two important services that subsequently enabled interface endpoints: Network Load Balancer and AWS PrivateLink.

9- What is the best way to develop AWS Lambda functions locally on your laptop?

  • Separate the Lambda handler from your core logic.
  • Take advantage of execution context reuse to improve the performance of your function. Initialize SDK clients and database connections outside of the function handler, and cache static assets locally in the /tmp directory. Subsequent invocations processed by the same instance of your function can reuse these resources. This saves execution time and avoid potential data leaks across invocations, don’t use the execution context to store user data, events, or other information with security implications. If your function relies on a mutable state that can’t be stored in memory within the handler, consider creating a separate function or separate versions of a function for each user.
  • Use AWS Lambda Environment Variables to pass operational parameters to your function. For example, if you are writing to an Amazon S3 bucket, instead of hard-coding the bucket name you are writing to, configure the bucket name as an environment variable.

10- How can I see if/when someone logs into my AWS Windows instance?

You can use VPC Flow Logs. The steps would be the following:

  • Enable VPC Flow Logs for the VPC your EC2 instance lives in. You can do this from the VPC console
  • Having VPC Flow Logs enabled will create a CloudWatch Logs log group
  • Find the Elastic Network Interface assigned to your EC2 instance. Also, get the private IP of your EC2 instance. You can do this from the EC2 console.
  • Find the CloudWatch Logs log stream for that ENI.
  • Search the log stream for records where your Windows instance’s IP is the destination IP, make sure the port is the one you’re looking for. You’ll see records that tell you if someone has been connecting to your EC2 instance. For example, there are bytes transferred, status=ACCEPT, log-status=OK. You will also know the source IP that connected to your instance.

I recommend using CloudWatch Logs Metric Filters, so you don’t have to do all this manually. Metric Filters will find the patterns I described in your CloudWatch Logs entries and will publish a CloudWatch metric. Then you can trigger an alarm that notifies you when someone logs in to your instance.

Here are more details from the AWS Official Blog and the AWS documentation for VPC Flow Logs records:

VPC Flow Logs – Log and View Network Traffic Flows

Amazon Virtual Private Cloud

Also, there are 3rd-party tools that simplify all these steps for you and give you very nice visibility and alerts into what’s happening in your AWS network resources. I’ve tried Observable Networks and it’s great: Observable Networks

11- While enabling ports on AWS NAT gateway when you allow inbound traffic on port 80/443 , do you need to allow outbound traffic on the same ports or is it sufficient to allow outbound traffic on ephemeral ports (1024-65535)?

Typically outbound traffic is not blocked by NAT on any port, so you would not need to explicitly allow those, since they should already be allowed. Your firewall generally would have a rule to allow return traffic that was initiated outbound from inside your office.

12- Is AWS traffic between EC2 nodes in the same availability zone secure with respect to sending sensitive data?

According to Amazon’s documentation, it is impossible for one instance to sniff traffic bound for a different instance.

https://d0.awsstatic.com/whitepapers/aws-security-whitepaper.pdf

  • Packet sniffing by other tenants. It is not possible for a virtual instance running in promiscuous mode to receive or “sniff” traffic that is intended for a different virtual instance. While you can place your interfaces into promiscuous mode, the hypervisor will not deliver any traffic to them that is not addressed to them. Even two virtual instances that are owned by the same customer located on the same physical host cannot listen to each other’s traffic. Attacks such as ARP cache poisoning do not work within Amazon EC2 and Amazon VPC. While Amazon EC2 does provide ample protection against one customer inadvertently or maliciously attempting to view another’s data, as a standard practice you should encrypt sensitive traffic.

But as you can see, they still recommend that you should maintain encryption inside your network. We have taken the approach of terminating SSL at the external interface of the ELB, but then initiating SSL from the ELB to our back-end servers, and even further, to our (RDS) databases. It’s probably belt-and-suspenders, but in my industry it’s needed. Heck, we have some interfaces that require HTTPS and a VPN.

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot


AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

FROM AWS:REINVENT 2020:

Automate anything with AWS Systems Manager

You can automate any task that involves interaction with AWS and on-premises resources, including in multi-account and multi-Region environments, with AWS Systems Manager. In this session, learn more about three new Systems Manager launches at re:Invent—Change Manager, Fleet Manager, and Application Manager. In addition, learn how Systems Manager Automation can be used across multiple Regions and accounts, integrate with other AWS services, and extend to on-premises. This session takes a deep dive into how to author a custom runbook using an automation document, and how to execute automation anywhere.

Deliver cloud operations at scale with AWS Managed Services

Learn how you can quickly build scaled AWS operations tooling to meet some of the most complex and compliant operations system requirements.

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot


AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Turbocharging query execution on Amazon EMR

Learn about the performance improvements made in Amazon EMR for Apache Spark and Presto, giving Amazon EMR one of the fastest runtimes for analytics workloads in the cloud. This session dives deep into how AWS generates smart query plans in the absence of accurate table statistics. It also covers adaptive query execution—a technique to dynamically collect statistics during query execution—and how AWS uses dynamic partition pruning to generate query predicates for speeding up table joins. You also learn about execution improvements such as data prefetching and pruning of nested data types.

Detect machine learning (ML) model drift in production

 Explore how state-of-the-art algorithms built into Amazon SageMaker are used to detect declines in machine learning (ML) model quality. One of the big factors that can affect the accuracy of models is the difference in the data used to generate predictions and what was used for training. For example, changing economic conditions could drive new interest rates affecting home purchasing predictions. Amazon SageMaker Model Monitor automatically detects drift in deployed models and provides detailed alerts that help you identify the source of the problem so you can be more confident in your ML applications.

Amazon Lightsail: The easiest way to get started on AWS

Amazon Lightsail is AWS’s simple, virtual private server. In this session, learn more about Lightsail and its newest launches. Lightsail is designed for simple web apps, websites, and dev environments. This session reviews core product features, such as preconfigured blueprints, managed databases, load balancers, networking, and snapshots, and includes a demo of the most recent launches. Attend this session to learn more about how you can get up and running on AWS in the easiest way possible.

Deep dive into AWS Lambda security: Function isolation

This session dives into the security model behind AWS Lambda functions, looking at how you can isolate workloads, build multiple layers of  protection, and leverage fine-grained authorization. You learn about the  implementation, the open-source Firecracker technology that provides one of  the most important layers, and what this means for how you build on Lambda. You also see how AWS Lambda securely runs your functions packaged and  deployed as container images. Finally, you learn about SaaS, customization, and safe patterns for running your own customers’ code in your Lambda functions.

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot


AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Red team vs. blue team in AWS: Learn to defend your cloud applications (sponsored by Check Point Software)

Unauthorized users and financially motivated third parties also have access to advanced cloud capabilities. This causes concerns and creates challenges for customers responsible for the security of their cloud assets. Join us as Roy Feintuch, chief technologist of cloud products, and Maya Horowitz, director of threat intelligence and research, face off in an epic battle of defense against unauthorized cloud-native attacks. In this session, Roy uses security analytics, threat hunting, and cloud intelligence solutions to dissect and analyze some sneaky cloud breaches so you can strengthen your cloud defense. This presentation is brought to you by Check Point Software, an AWS Partner.

Best practices for security governance in serverless applications

AWS provides services and features that your organization can  leverage to improve the security of a serverless application. However, as organizations grow and developers deploy more serverless applications, how do  you know if all of the applications are in compliance with your organization’s security policies? This session walks you through serverless security, and you learn about protections and guardrails that you can build  to avoid misconfigurations and catch potential security risks.

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot


AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

How Amazon.com automates cash identification & matching with AWS AI/ML

The Amazon Cash application service matches incoming customer payments with accounts and open invoices, while an email ingestion service (EIS) processes more than 1 million semi-structured and unstructured remittance emails monthly. In this session, learn how this EIS classifies the emails, extracts invoice data from the emails, and then identifies the right invoices to close on Amazon financial platforms. Dive deep on how these services automated 89.5% of cash applications using AWS AI & ML services. Hear about how these services will eliminate the manual effort of 1000 cash application analysts in the next 10 years.

Understanding AWS Lambda streaming events

Dive into the details of using Amazon Kinesis Data Streams and Amazon DynamoDB Streams as event sources for AWS Lambda. This session walks you through how AWS Lambda scales along with these two event sources. It also covers best practices and challenges, including how to tune streaming sources for optimum performance and how to effectively monitor them.

Building real-time applications using Apache Flink

Build real-time applications using Apache Flink with Apache Kafka and Amazon Kinesis Data Streams. Apache Flink is a framework and engine for building streaming applications for use cases such as real-time analytics and complex event processing. This session covers best practices for building low-latency applications with Apache Flink when reading data from either Amazon MSK or Amazon Kinesis Data Streams. It also covers best practices for running low-latency Apache Flink applications using Amazon Kinesis Data Analytics and discusses AWS’s open-source contributions to this use case.

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot


AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

App modernization on AWS with Apache Kafka and Confluent Cloud

Learn how you can accelerate application modernization and benefit from the open-source Apache Kafka ecosystem by connecting your legacy, on-premises systems to the cloud. In this session, hear real customer stories about timely insights gained from event-driven applications built on an event streaming platform from Confluent Cloud running on AWS, which stores and processes historical data and real-time data streams. Confluent makes Apache Kafka enterprise-ready using infinite Kafka storage with Amazon S3 and multiple private networking options including AWS PrivateLink, along with self-managed encryption keys for storage volume encryption with AWS Key Management Service (AWS KMS).

BI at hyperscale: Quickly build and scale dashboards with Amazon QuickSight

Data-driven business intelligence (BI) decision making is more important than ever in this age of remote work. An increasing number of organizations are investing in data transformation initiatives, including migrating data to the cloud, modernizing data warehouses, and building data lakes. But what about the last mile—connecting the dots for end users with dashboards and visualizations? Come to this session to learn how Amazon QuickSight allows you to connect to your AWS data and quickly build rich and interactive dashboards with self-serve and advanced analytics capabilities that can scale from tens to hundreds of thousands of users, without managing any infrastructure and only paying for what you use.

 

Top-paying Cloud certifications:

  1. Google Certified Professional Cloud Architect — $175,761/year
  2. AWS Certified Solutions Architect – Associate — $149,446/year
  3. Azure/Microsoft Cloud Solution Architect – $141,748/yr
  4. Google Cloud Associate Engineer – $145,769/yr
  5. AWS Certified Cloud Practitioner — $131,465/year
  6. Microsoft Certified: Azure Fundamentals — $126,653/year
  7. Microsoft Certified: Azure Administrator Associate — $125,993/year

AWS Certified Solution Architect Associate Exam Prep Quiz App

AWS Certified Solution Architect Associate Exam Prep
AWS Certified Solution Architect Associate Exam Prep

Download AWS Solution Architect Associate Exam Prep Pro App (No Ads, Full version with answers) for:

Android –  iOS – Windows 10 – Amazon Android

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot


AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Download AWS Solution Architect Associate Exam Prep Quiz App for:

All Platforms (PWA) –  Android –  iOS – Windows 10  – Amazon Android

‎Solution Architect Assoc. PRO
‎Solution Architect Assoc. PRO
Download
QR-Code

‎Solution Architect Assoc. PRO
Developer:
DjamgaTech Corp
Price:
$4.99

  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot
  • ‎Solution Architect Assoc. PRO Screenshot


AWS Cert Solution Architect Associate PRO: SAA-C02
AWS Cert Solution Architect Associate PRO: SAA-C02
Download
QR-Code

AWS Cert Solution Architect Associate PRO: SAA-C02
Developer:
Etienne D. Noumen
Price:
$5.49

  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot
  • AWS Cert Solution Architect Associate PRO: SAA-C02 Screenshot

Recent Posts

  • Jobs, Career, Salary, Total Compensation, Interview Tips at FAANGM: Facebook, Apple, Amazon, Netflix, Google, Microsoft
  • Electric Cars – Autonomous Cars – Self driving cars : Tesla, CyberTruck, EV, Volt, Wayne, Nissan Leaf, Electric Bikes, e-bikes, i-cars, smart cars
  • O(n) Reverse Arrays to Make Equal with Python
  • O(n) Contiguous Subarray in Python
  • O(n) Rotational Cipher in Python

Learning Animal Tools

Sports

  • Yahoo Sport
  • Football in Real Time Now
  • ShowUpAndPlaySports
  • Yahoo Sport UK
  • ESPN
  • Bleacher Report

Other Interesting Blogs

  • Djamga
  • 538
  • Pros and Cons of Co-Ed Games

RSS Djamga Sports Blog

  • Pros and Cons of Keeping the Score
    What are the Pros and Cons of Keeping the Score?
  • Pros and Cons of couples playing in the same team
    What are the Pros and Cons of couples playing in the same team?
  • Co-Ed sports - Co-Ed games
    What is Co-Ed sports or Co-Ed games?

News

  • News in RealtimeNow
  • Sport in RealTimeNow
  • Jobs inRealtimeNow
  • Entertainment
  • Health - Medicine
  • Technology
  • Sciences

RSS Latest Google Tech News

  • New trailer for remastered Nier Replicant ver. 1.22474487139... - Polygon
  • Star Wars: Republic Commando - Official Announcement Trailer (PS4 & Nintendo Switch) - IGN
  • Anandtech : HP is Acquiring HyperX for $425 Million - AnandTech
  • YouTube’s ‘supervised experiences’ help parents choose what content their kids can see - The Verge
  • Ring’s new Video Doorbell Pro 2 captures a taller image and has enhanced motion detection - The Verge
  • Stunning new 2021 iMac leak reveals new design in five colors - iMore
  • Fractal Meshify 2 Compact Case Review: Shrunken ATX Case - Gamers Nexus
  • Amazon's Luna cloud gaming service is now open to all Fire TV users - Engadget
  • Echo Show 10 review: Smart displays are on the move - CNET
  • Android users now have an easy way to check the security of their passwords - Ars Technica

Where to Play or Participate in Co-Ed Sports

Find where to play or participate in Amateur Co-Ed Soccer , Football, Basketball, Hockey, Cricket, Rugby, Tennis, Golf, Cycling, Racing, Boxing, Athletics, Badminton, Curling, Dodgeball, Gymnastics, Lacrosse, Martial Arts, PickleBall, Rugby, Slo-Pitch, Softball, Squash, Swimming, Ultimate, Volleyball in Austin, Boston, Calgary, Dallas, Denver, Edmonton, Houston, London, Los Angeles, Miami, Montreal, New York, Ottawa, Paris, Philadelphia, Portland, San Antonio, San Diego,San Francisco Bay Area, Seattle, Toronto, Vancouver
  • Watch Soccer, Football Free Online
  • Watch NFL, CFL, Superbowl, NCAAF Free Online
  • Main
  • About
  • Online Store
  • Books
  • Contact
  • Top 100 AWS Certified Cloud Practitioner Exam Preparation Questions and Answers Dumps
  • Show All Posts
  • Privacy Policy
  • Disclaimer
Privacy Policy Proudly powered by WordPress
error: Content is protected !!