Design Resilient Architectures Flashcards

1
Q

Which of the following performs synchronous data replication in RDS?

A. RDS DB instance running as a Multi-AZ deployment
B. RDS Read Replica
C. DynamoDB Read Replica
D. CloudFront running as a Multi-AZ deployment

A

The correct answer is A - RDS DB instance running as a Multi-AZ deployment

B is incorrect because a Read Replica provides asynchronous replication instead of synchronous replication.

2
Q

A company has a cloud architecture that is composed of Linux and Windows EC2 instances that process high volumes of financial data 24 hours a day, 7 days a week. To ensure high availability of the systems, the Solutions Architect needs to create a solution that allows them to monitor the memory and disk utilization metrics of all the instances.

Which of the following is the most suitable monitoring solution to implement?

A. Use the default CloudWatch configuration to EC2 instances where the memory and disk utilization metrics are already available. Install the AWS Systems Manager (SSM) Agent to all the EC2 instances.

B. Install the CloudWatch agent to all the EC2 instances that gathers the memory and disk utilization data. View the custom metrics in the Amazon CloudWatch console.

C. Enable the Enhanced Monitoring option in EC2 and install CloudWatch agent to all the EC2 instances to be able to view the memory and disk utilization in the CloudWatch dashboard.

D. Use Amazon Inspector and install the Inspector agent to all EC2 instances.

A

The correct answer is B - Install the CloudWatch agent to all the EC2 instances that gathers the memory and disk utilization data. View the custom metrics in the Amazon CloudWatch console.

A is incorrect because CloudWatch does not automatically provide memory and disk utilization metrics of your instances.

C is incorrect because Enhanced Monitoring is a feature of Amazon RDS.

3
Q

As part of the Business Continuity Plan of your company, your IT Director instructed you to set up an automated backup of all of the EBS Volumes for your EC2 instances as soon as possible.

What is the fastest and most cost-effective solution to automatically back up all of your EBS Volumes?

A. For an automated solution, create a scheduled job that calls the “create-snapshot” command via the AWS CLI to take a snapshot of production EBS volumes periodically.

B. Set your Amazon Storage Gateway with EBS volumes as the data source and store the backups in your on-premises servers through the storage gateway.

C. Use an EBS-cycle policy in Amazon S3 to automatically back up the EBS volumes.

D. Use Amazon Data Lifecycle Manager (Amazon DLM) to automate the creation of EBS snapshots.

A

The correct answer is D - Use Amazon Data Lifecycle Manager (Amazon DLM) to automate the creation of EBS snapshots.

B is incorrect because Amazon Storage Gateway is used only for creating a backup of data from your on-premises server and not from the Amazon Virtual Private Cloud.

C is incorrect because there is no such thing as EBS-cycle policy in Amazon S3.

4
Q

A large insurance company has an AWS account that contains three VPCs (DEV, UAT and PROD) in the same region. UAT is peered to both PROD and DEV using a VPC peering connection. All VPCs have non-overlapping CIDR blocks. The company wants to push minor code releases from Dev to Prod to speed up time to market.

Which of the following options helps the company accomplish this?

A. Create a new VPC peering connection between PROD and DEV with the appropriate routes.

B. Create a new entry to PROD in the DEV route table using the VPC peering connection as the target.

C. Change the DEV and PROD VPCs to have overlapping CIDR blocks to be able to connect them.

D. Do nothing. Since these two VPCs are already connected via UAT, they already have a connection to each other.

A

The correct answer is A, Create a new VPC peering connection between PROD and DEV with the appropriate routes.

C is incorrect because you cannot peer two VPCs with overlapping CIDR blocks.

B is incorrect because configuring the route tables does not help with connecting the VPCs.

D is incorrect because transitive VPC peering is not allowed.

5
Q

An online stocks trading application that stores financial data in an S3 bucket has a lifecycle policy that moves older data to Glacier every month. There is a strict compliance requirement where a surprise audit can happen at any time and you should be able to retrieve the required data in under 15 minutes under all circumstances. Your manager instructed you to ensure that retrieval capacity is available when you need it and should handle up to 150 MB/s of retrieval throughput.

Which of the following should you do to meet the above requirement? (Select TWO.)

A. Retrieve the data using Amazon Glacier Select.
B. Use Expedited Retrieval to access the financial data.
C. Use Bulk Retrieval to access the financial data.
D. Specify a range, or portion, of the financial data archive to retrieve.
E. Purchase provisioned retrieval capacity.

A

The correct answer is B - Use Expedited Retrieval to access the financial data, and E - Purchase provisioned retrieval capacity.

A is incorrect because it is not an archive retrieval option.

C is incorrect because Bulk Retrieval completes within 5-12 hours.

D is incorrect because it does not provide additional retrieval capacity.

6
Q

A FinTech startup deployed an application on an Amazon EC2 instance with attached Instance Store volumes and an Elastic IP address. The server is only accessed from 8 AM to 6 PM and can be stopped from 6 PM to 8 AM for cost efficiency using Lambda with the script that automates this based on tags.

Which of the following will occur when the EC2 instance is stopped and started? (Select TWO.)

A. The underlying host for the instance is possibly changed.
B. The ENI (Elastic Network Interface) is detached.
C. All data on the attached instance-store devices will be lost.
D. The Elastic IP address is disassociated with the instance.
E. There will be no changes.

A

The correct answer is A and C.

B is incorrect because the ENI will stay attached even if you stop the EC2 instance.

D is incorrect because the EIP will remain associated with the instance even if it is stopped.

7
Q

What is the difference between Active-Active Failover (AAF) and Active-Passive Failover (APF)?

A

Use AAF if you want all of the resources to be available the majority of the time, and use APF when you want a secondary resource or group of resources to be on standby.

8
Q

A tech company is currently using Auto Scaling for their web application. A new AMI now needs to be used for launching a fleet of EC2 instances. Which of the following changes needs to be done?

A. Do nothing. You can start directly launching EC2 instances in the Auto Scaling group with the same launch configuration.
B. Create a new launch configuration.
C. Create a new target group.
D. Create a new target group and launch configuration.

A

The correct answer is B - Create a new launch configuration.

C and D are incorrect because target groups are primarily used in ELBs and not in Auto Scaling. Since the architect does not mention the use of a load balancer, the target group should not be changed.
