AAAAWWWSSSS Flashcards
The Well Architected Framework is a set of principles that AWS recommends as a way of evaluating the pros and cons of designing and implementing applications in the cloud.
The AWS Well Architected Framework’s 5 Pillars include:
- Reliability
- Performance Efficiency
- Security
- Cost Optimization
- Operational Excellence
Avoid the complete failure of your application. Replace a failed resource rather than trying to fix it.
Reliability
Get the performance you desire without overprovisioning capacity, but also without sacrificing reliability. You can improve application performance by creating a CloudFront distribution to place your application’s content in edge locations that are closer to your users.
Performance Efficiency
Concerned with ensuring the confidentiality, integrity, and availability of data. Only those people and systems that need access to data should have it, and the data needs to be protected from unauthorized modification.
Security
When securing data stored on your AWS Resources, you should know the following basic principles:
- Principle of Least Privilege: Create IAM user & resource policies that grant delete or modify access only to those principals that need it.
- Avoid data loss by using backup and replication: Create EBS snapshots to create recovery points for EC2 instances. Configure S3 object versioning & replication to make it possible to recover modified or destroyed data.
- Enforce Confidentiality by using encryption to protect data at rest as well as in transit.
- Track every activity that occurs on your AWS resources by enabling detailed logging.
Use the cloud to meet your needs at the lowest possible cost. Use AWS Cost Explorer and Cost/Usage Reports to see how much you're spending on AWS Services. You can also save money over on-demand costs by purchasing instance reservations or using spot instances.
Cost Optimization
Automating the processes required to achieve and maintain the other 4 goals/principles. Improve and automate more activities for the purpose of strengthening the other pillars.
Operational Excellence
- Reliability: Use Elastic Load Balancing Health Checks to monitor health of applications running on several EC2 instances.
- Performance Efficiency: Use EC2 Auto Scaling dynamic scaling policies to scale in and out automatically.
- Security: Use CodeBuild to automatically test new application code for security vulnerabilities. When deploying an application, use CloudFormation to automatically deploy fresh, secure infrastructure rather than following a manual checklist.
- Cost Optimization: Implement S3 object life cycle configuration to delete unneeded objects. Or automatically have certain applications shut down and restart at certain times of the day.
- Scale the size of the Auto Scaling group in or out between 1 and 3 instances, depending on the average aggregate CPU utilization of the instances:
- On the other hand, if the utilization drops below 50%, it indicates that you have more instances than you need, so Auto Scaling will scale in:
- Dynamic Scaling Policy
- Target Tracking Policy
Difference between Static and Dynamic Website
- Static: refers to the site’s assets sitting in the S3 Bucket. You can update these files as much as you want, but what’s delivered to the end user is the same content that’s stored in S3.
- Dynamic: Use server-side processing to modify the content on the fly just before sending it to the user.
**Rule of thumb: if a website uses a database for storing any information, it’s a dynamic website.
S3 Bucket. By default, files in S3 buckets are not public. Your bucket name must be the same as the domain name. Static websites that are hosted on S3 do not use what?
- They do not use encrypted HTTPS, meaning the content you serve is not encrypted and can be read in transit. If you want to use HTTPS to secure your static website, you can do so by creating a CloudFront distribution (which is encryption in transit).
What are examples of applying the principles of the security pillar of the WAF?
- Granting each AWS user their own IAM username and password.
- Enabling S3 Versioning
What is required to enable S3 static website hosting on a bucket?
Enable Bucket hosting in the S3 Service console
What feature of S3 improves the security of data you store in an S3 bucket?
- Objects in S3 are not public by default
- By default, S3 removes ACLs that allow public read access to objects.
What contains the configuration information for instances in an Auto Scaling group?
Launch Template
How does an application load balancer enable reliability?
By routing traffic away from failing instances