Domain 2: Design Resilient Architectures Flashcards
Your development team has created a gaming application that uses DynamoDB to store user statistics and provide fast game updates back to users. The team has begun testing the application but needs a consistent data set to perform tests with. The testing process alters the dataset, so the baseline data needs to be retrieved upon each new test. Which AWS service can meet this need by exporting data from DynamoDB and importing data into DynamoDB?
AWS Import/Export
Redshift
DAX
Elastic Map Reduce
AWS Import/Export
Incorrect. AWS Import/Export is a service you can use to transfer large amounts of data from physical storage devices into AWS. You mail your portable storage devices to AWS, and AWS Import/Export transfers data directly off of your storage devices using Amazon’s high-speed internal network.
Selected
Elastic Map Reduce
You can use Amazon EMR with a customized version of Hive that includes connectivity to DynamoDB to perform operations on data stored in DynamoDB:
Loading DynamoDB data into the Hadoop Distributed File System (HDFS) and using it as input into an Amazon EMR cluster
Querying live DynamoDB data using SQL-like statements (HiveQL)
Joining data stored in DynamoDB and exporting it or querying against the joined data
Exporting data stored in DynamoDB to Amazon S3
Importing data stored in Amazon S3 to DynamoDB
https://docs.aws.amazon.com/emr/latest/ReleaseGuide/EMRforDynamoDB.html
A small development team with very limited AWS knowledge has begun the process of creating and deploying a new frontend application based on React within AWS. The application is simple and does not need any backend processing via traditional databases. The application does, however, require GraphQL interactions to complete the required processing of data. Which AWS service can the team use to complete this?
Leverage API Gateway for any GraphQL calls. It supports GraphQL and REST API.
Stand up a full stack application easily via AWS Amplify.
Host the application in AWS Lambda instead and perform the processing using DynamoDB.
Deploy a GraphQL interface via AWS AppSync.
Stand up a full stack application easily via AWS Amplify.
This is too much for the question at hand. They do not need a full stack application.
Selected
Deploy a GraphQL interface via AWS AppSync.
This offers a simplified GraphQL interface for development teams to use within AWS. Reference: What is AWS AppSync?
After several issues with your application and unplanned downtime, your recommendation to migrate your application to AWS is approved. You have set up high availability on the front end with a load balancer and an Auto Scaling Group. What step can you take with your database to configure high-availability and ensure minimal downtime (under five minutes)?
Enable Multi-AZ failover on the database.
Create your database using CloudFormation and save the template for reuse.
Create a read replica.
Take frequent snapshots of your database.
Enable Multi-AZ failover on the database.
Correct. In the event of a planned or unplanned outage of your DB instance, Amazon RDS automatically switches to a standby replica in another Availability Zone if you have enabled Multi-AZ. The time it takes for the failover to complete depends on the database activity and other conditions at the time the primary DB instance became unavailable. Failover times are typically 60–120 seconds. However, large transactions or a lengthy recovery process can increase failover time. When the failover is complete, it can take additional time for the RDS console to reflect the new Availability Zone. Note the above sentences. Large transactions could cause a problem in getting back up within five minutes, but this is clearly the best of the available choices to attempt to meet this requirement. We must move through our questions on the exam quickly, but always evaluate all the answers for the best possible solution.
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.MultiAZ.html
Create a read replica.
Incorrect. Read replicas can be promoted to the main database in case of failure. But remember, read replicas are updated asynchronously, meaning that they may not yet have the latest data in your database.
Selected
You have two EC2 instances running in the same VPC, but in different subnets. You are removing the secondary ENI from an EC2 instance and attaching it to another EC2 instance. You want this to be fast and with limited disruption. So you want to attach the ENI to the EC2 instance when it’s running. What is this called?
cold attach
hot attach
warm attach
synchronous attach
hot attach
Correct. Here are some best practices for configuring network interfaces. You can attach a network interface to an instance when it’s running (hot attach), when it’s stopped (warm attach), or when the instance is being launched (cold attach). You can detach secondary network interfaces when the instance is running or stopped. However, you can’t detach the primary network interface. You can move a network interface from one instance to another if the instances are in the same Availability Zone and VPC but in different subnets. When launching an instance using the CLI, API, or an SDK, you can specify the primary network interface and additional network interfaces. Launching an Amazon Linux or Windows Server instance with multiple network interfaces automatically configures interfaces, private IPv4 addresses, and route tables on the operating system of the instance. A warm or hot attach of an additional network interface may require you to manually bring up the second interface, configure the private IPv4 address, and modify the route table accordingly. Instances running Amazon Linux or Windows Server automatically recognize the warm or hot attach and configure themselves. Attaching another network interface to an instance (for example, a NIC teaming configuration) cannot be used as a method to increase or double the network bandwidth to or from the dual-homed instance. If you attach two or more network interfaces from the same subnet to an instance, you may encounter networking issues such as asymmetric routing. If possible, use a secondary private IPv4 address on the primary network interface instead. For more information, see Assigning a secondary private IPv4 address. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html
warm attach
Incorrect. A warm attach takes place when an instance is stopped.
Jamal recently joined a small company as a Site Reliability Engineer on the cloud development team. The team leverages numerous AWS Lambda functions with several backend AWS resources, as well as other backend microservices. A recent update to some of the different functions’ code has begun to cause massive delays within the application workloads. The development initially turned on more detailed logging within their code base; however, this did not provide the application insights required to troubleshoot the issue. What can Jamal do to more easily gain a better understanding of the response times of the affected AWS Lambda functions, as well as all the connected downstream resources within the entire application flow?
Enable AWS X-Ray within each function to gain detailed information about responses.
This is not needed. Simply increase the resource settings for each function.
Run a containerized version of the application and output log files with responses.
Update the code to log their response times for each function.
Enable AWS X-Ray within each function to gain detailed information about responses.
AWS X-Ray collects data about requests that your application serves and helps gain insights into that data to identify issues and opportunities for optimization. AWS Lambda integrates easily with AWS X-Ray by toggling the feature on within the function configuration. Reference: Scorekeep diagram
A company has an application for sharing static content, such as photos. The popularity of the application has grown, and the company is now sharing content worldwide. This worldwide service has caused some issues with latency. What AWS services can be used to host a static website, serve content to globally dispersed users, and address latency issues, while keeping cost under control? Choose two.
AWS CloudFormation
AWS Global Accelerator
EC2 placement group
CloudFront
CloudFront
Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment. CloudFront is integrated with AWS – both physical locations that are directly connected to the AWS global infrastructure, as well as other AWS services. CloudFront works seamlessly with services including AWS Shield for DDoS mitigation, Amazon S3, Elastic Load Balancing, or Amazon EC2 as origins for your applications, and Lambda@Edge to run custom code closer to customers’ users and to customize the user experience. Lastly, if you use AWS origins such as Amazon S3, Amazon EC2, or Elastic Load Balancing, you don’t pay for any data transferred between these services and CloudFront.
You suspect that one of the AWS services your company is using has gone down. Which service can provide you proactive and transparent notifications about the status of your specific AWS environment?
AWS Personal Health Dashboard
AWS Organizations
Amazon Inspector
AWS Trusted Advisor
AWS Personal Health Dashboard
Correct. AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you. While the Service Health Dashboard displays the general status of AWS services, Personal Health Dashboard gives you a personalized view of the performance and availability of the AWS services underlying your AWS resources. The dashboard displays relevant and timely information to help you manage events in progress, and provides proactive notification to help you plan for scheduled activities. With Personal Health Dashboard, alerts are triggered by changes in the health of AWS resources, giving you event visibility and guidance to help quickly diagnose and resolve issues. https://aws.amazon.com/premiumsupport/technology/personal-health-dashboard/
A company has a great deal of data in S3 buckets for which they want to create a database. Creating the RDS database, normalizing the data, and migrating to the RDS database will take time and is the long-term plan. But there’s an immediate need to query this data to retrieve information necessary for an audit. Which AWS service will enable querying data in S3 using standard SQL commands?
Amazon SQL Connector
DynamoDB
Amazon Athena
There is no such service, but there are third-party tools.
Amazon Athena
Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to manage, and you only pay for the queries you run.
Athena is easy to use. Simply point to your data in Amazon S3, define the schema, and start querying using standard SQL. Most results are delivered within seconds. With Athena, there’s no need for complex ETL jobs to prepare your data for analysis. This makes it easy for anyone with SQL skills to quickly analyze large-scale datasets. https://aws.amazon.com/athena/?whats-new-cards.sort-by=item.additionalFields.postDateTime&whats-new-cards.sort-order=desc
A gaming company is creating an application which simply provides a leaderboard for specific games. The leaderboard will use DynamoDB for data, and simply needs to be updated in near real-time. An EC2 instance will be configured to house the application which will be accessed by subscribers from the Internet. Which step is NOT necessary for internet traffic to flow to and from the Internet?
Add a route to your subnet’s route table that directs internet-bound traffic to the internet gateway.
Attach an internet gateway to your VPC.
Ensure that your network access control lists and security group rules allow the relevant traffic to flow to and from your instance.
A route in the route table to the DynamoDB table.
A route in the route table to the DynamoDB table.
Correct. The application needs to be able to communicate with the DynamoDB table, but this has nothing to do with the necessary steps for internet traffic flow to and from the application instance.
Several instances you are creating have a specific data requirement. The requirement states that the data on the root device needs to persist independently from the lifetime of the instance. After considering AWS storage options, which is the simplest way to meet these requirements?
Send the data to S3 using S3 lifecycle rules.
Store your root device data on Amazon EBS and set the DeleteOnTermination attribute to false using a block device mapping.
Create a cron job to migrate the data to S3.
Store the data on the local instance store.
Store your root device data on Amazon EBS and set the DeleteOnTermination attribute to false using a block device mapping.
An Amazon EBS-backed instance can be stopped and later restarted without affecting data stored in the attached volumes. By default, the root volume for an AMI backed by Amazon EBS is deleted when the instance terminates. You can change the default behavior to ensure that the volume persists after the instance terminates. To change the default behavior, set the DeleteOnTermination attribute to false using a block device mapping.
A new startup company decides to use AWS to host their web application. They configure a VPC as well as two subnets within the VPC. They also attach an internet gateway to the VPC. In the first subnet, they create an EC2 instance to host a web application. There is a network ACL and a security group, which both have the proper ingress and egress to and from the internet. There is a route in the route table to the internet gateway. The EC2 instances added to the subnet need to have a globally unique IP address to ensure internet access. Which is not a globally unique IP address?
IPv6 address
Public IP address
Private IP address
Elastic IP address
Private IP address
Public IPv4 address, elastic IP address, and IPv6 address are globally unique addresses. The IPv4 addresses known for not being unique are private IPs. These are found in the following ranges: from 10.0.0.0 to 10.255.255.255, from 172.16.0.0 to 172.31.255.255, and from 192.168.0.0 to 192.168.255.255. Reference: RFC1918.
You have configured an Auto Scaling Group of EC2 instances fronted by an Application Load Balancer and backed by an RDS database. You want to begin monitoring the EC2 instances using CloudWatch metrics. Which metric is not readily available out of the box?
CPU utilization
DiskReadOps
Memory utilization
NetworkIn
Memory utilization
Correct. Memory utilization is not available as an out of the box metric in CloudWatch. You can, however, collect memory metrics when you configure a custom metric for CloudWatch. Types of custom metrics that you can set up include:
Memory utilization
Disk swap utilization
Disk space utilization
Page file utilization
Log collection
A database outage has been very costly to your organization. You have been tasked with configuring a more highly available architecture. The main requirement is that the chosen architecture needs to meet an aggressive RTO in case of disaster. You have decided to use an Amazon RDS for MySQL Multi-AZ instance deployment. How is the replication handled for Amazon RDS for MySQL with a Multi-AZ instance configuration?
You can configure an Amazon RDS for MySQL standby replica in a different Availability Zone and send traffic synchronously or asynchronously depending on your cost considerations
Amazon RDS for MySQL automatically provisions and maintains a synchronous standby replica in a different Region
Amazon RDS for MySQL automatically provisions and maintains an asynchronous standby replica in a different Availability Zone
Amazon RDS for MySQL automatically provisions and maintains a synchronous standby replica in a different Availability Zone
Amazon RDS for MySQL automatically provisions and maintains a synchronous standby replica in a different Availability Zone
In a Multi-AZ DB instance deployment, Amazon RDS for MySQL automatically provisions and maintains a synchronous standby replica in a different Availability Zone. The primary DB instance is synchronously replicated across Availability Zones to a standby replica to provide data redundancy and minimize latency spikes during system backups. Running a DB instance with high availability can enhance availability during planned system maintenance. It can also help protect your databases against DB instance failure and Availability Zone disruption. Reference: Multi-AZ DB instance deployments.
You are working for a large financial institution and have been tasked with creating a relational database solution to deal with a read-heavy workload. The database needs to be highly available within the Oregon region and quickly recover if an Availability Zone goes offline. Which of the following would you select to meet these requirements? CHOOSE 2
Use an Amazon Aurora global database to ensure a region failure won’t break the application.
Split your database into multiple RDS instances across different regions. In the event of a failure, point your application to the new region.
Enable Multi-AZ support for the RDS database.
Using RDS, create a read replica. If an AZ fails, RDS will automatically cut over to the read replica.
Create a read replica and point your read workloads to the new endpoint RDS provides.
Enable Multi-AZ support for the RDS database.
Multi-AZ creates a secondary database in another AZ within the region you are in. If something were to happen to the primary database, RDS would automatically fail over to the secondary copy. This allows your database achieve high availability with minimal work on your part. https://aws.amazon.com/rds/features/multi-az/
Selected
Create a read replica and point your read workloads to the new endpoint RDS provides.
Amazon RDS uses the MariaDB, MySQL, Oracle, PostgreSQL, and Microsoft SQL Server DB engines’ built-in replication functionality to create a special type of DB instance called a read replica from a source DB instance. Updates made to the source DB instance are asynchronously copied to the read replica. You can reduce the load on your source DB instance by routing read queries from your applications to the read replica. Using read replicas, you can elastically scale out beyond the capacity constraints of a single DB instance for read-heavy database workloads. https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_MySQL.Replication.ReadReplicas.html
Selected
An accounting company has big data applications for analyzing actuary data. The company is migrating some of its services to the cloud, and for the foreseeable future, will be operating in a hybrid environment. They need a storage service that provides a simple, scalable, fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources. Which AWS service can meet these requirements?
EFS
S3
Glacier
EBS
EFS
Amazon Elastic File System (Amazon EFS) provides a simple, scalable, fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources. It is built to scale on-demand to petabytes without disrupting applications, growing and shrinking automatically as you add and remove files, eliminating the need to provision and manage capacity to accommodate growth. Amazon EFS offers 2 storage classes: the Standard storage class and the Infrequent Access storage class (EFS IA). EFS IA provides price/performance that’s cost-optimized for files not accessed every day. By simply enabling EFS Lifecycle Management on your file system, files not accessed according to the lifecycle policy you choose will be automatically and transparently moved into EFS IA. https://aws.amazon.com/efs/