Domain 2: Design Resilient Architectures Flashcards

1
Q

You have an online store and you are preparing for the week before Christmas, which is your busiest period of the year. You estimate that your traffic will increase by 50% during this period. Your website is using an SQS standard queue, and you’re running a fleet of EC2 instances configured in an Auto Scaling group which then consumes the SQS messages. What should you do to prepare your SQS queue for the 50% increase in traffic?

Nothing. SQS scales automatically.

Create multiple SQS queues and deploy these behind an SQS Load Balancer.

Create additional EC2 instances to help query the SQS queue.

Increase the size of your SQS queue.

A

Nothing. SQS scales automatically.

SQS scales automatically.

Create additional EC2 instances to help query the SQS queue.

You don’t need to do anything. SQS scales automatically.

2
Q

A large fintech company is using a web application that stores its data on Amazon RDS. As a solutions architect, you have been asked to upgrade the web application so that users around the world can access it using an API. The application will need to be able to handle large bursts of traffic in seconds from time to time. What would an ideal solution look like?

Create an API using API Gateway and use Route 53 to route traffic to CloudFront.

Create an API using API Gateway and use RDS Auto Scaling to handle the bursts in traffic.

Create an API using API Gateway and use Lambda to process the requests and Lambda functions to push the requests to an SQS queue, consume messages from the queue, and interact with RDS.

Create an API using API Gateway and use EC2 with Auto Scaling to quickly handle the sudden burst of traffic.

A

Create an API using API Gateway and use RDS Auto Scaling to handle the bursts in traffic.

Auto Scaling RDS would not be able to handle the sudden bursts of traffic in seconds.

Create an API using API Gateway and use Lambda to process the requests and Lambda functions to push the requests to an SQS queue, consume messages from the queue, and interact with RDS.

Using API Gateway in combination with Lambda allows you to build serverless applications that can scale automatically. The inclusion of Amazon SQS helps decouple the application from the RDS database. With this architecture, during times of sudden high traffic, the requests are buffered in SQS. This provides a layer of protection for RDS, preventing it from being overwhelmed. The Lambda functions can then process the SQS messages at a pace that the RDS database can handle.

3
Q

You have a subscription website that stores private images and videos in S3. You need to distribute that content globally, so you have set up a CloudFront distribution and configured your S3 bucket to only allow the distribution’s Origin Access Identity to have access to the data. You want to distribute private content to users for a limited amount of time. Which CloudFront feature allows you to securely distribute this private content?

S3 Public Access

Origin Access Identity

CloudFront Signed URLs

CloudFront Forward Distributors

A

CloudFront Signed URLs

CloudFront Signed URLs are commonly used to distribute paid content through dynamically generated signed URLs.

4
Q

You use AWS Route53 as your DNS service and you have updated your domain, hello.acloud.guru, to point to a new Elastic Load Balancer (ELB). However, when you check the update it looks like users are still redirected to the old ELB. What could be the problem?

The TTL needs to expire. After that, the record will be updated.

Your Application Load Balancer needs to be a Network Load Balancer to interface with Route53.

The CNAME needs to be changed to an A record.

The A record needs to be changed to a CNAME.

A

The TTL needs to expire. After that, the record will be updated.

You need to wait for the TTL to expire. Your computer has cached the previous DNS request, but once the TTL has expired it will get the new address.

5
Q

You are a database administrator for a security company that uses a large graph database to build graph queries for near real-time identity fraud pattern detection in financial and purchase transactions. You recently experienced an outage and you want to migrate this database to somewhere more secure and stable such as AWS. What AWS service would you recommend to the business to handle graph queries?

Aurora Serverless

Neptune

Amazon Keyspaces

Amazon DocumentDB

A

Neptune

This is a graph database and would be suitable to handle graph queries.

6
Q

You are a database administrator working for a small startup that has just secured Venture Capital (VC) funding. As part of the new investment, the VCs have asked you to ensure that your application has minimum downtime. Currently, your backend is hosted on a dedicated cluster running MongoDB. You spend a lot of time managing the cluster, configuring backups, and trying to ensure there is no downtime. You would like to migrate your MongoDB database to the AWS cloud. What service should you use for your backend database, assuming you don’t want to make any changes to your database and application?

DynamoDB

Aurora Serverless

AWS RDS

Amazon DocumentDB

A

Amazon DocumentDB

This would best suit the scenario.

7
Q

You have launched an EC2 instance that will host a PHP application. You install all the required software such as PHP and MySQL. You make a note of the EC2 public IPv4 address and then you stop and restart your EC2 instance. You notice that after the restart, you can’t access the EC2 instance and that the instance’s public IPv4 has been changed. What should you do to make sure your IPv4 address does not change?

Raise a support request with AWS Support and ask them to issue you a permanent IPv4 address.

Create an Application Load Balancer with a fixed IP address and place the EC2 behind this.

Install the PHP application on an S3 bucket and configure the bucket to have a fixed IP address.

Create an elastic IP address and assign it to your EC2 instance.

A

Create an elastic IP address and assign it to your EC2 instance.

This will give you a fixed IP address.

8
Q

You manage 12 EC2 instances and you need to have a central file repository that these EC2 instances can access. What would be the best possible solutions for this? CHOOSE 2

Create a Route53 EBS storage record and create a network mount on your EC2 instances pointing at the Route53 alias record.

Create an EFS volume and mount this to the EC2 instances.

Create a custom Lambda function behind API Gateway. Point your EC2 instances to the Lambda function when they need to access the centralized storage system.

Attach a volume to multiple instances with Amazon EBS Multi-Attach.

A

Create an EFS volume and mount this to the EC2 instances.

EFS allows you to have centralized storage for your EC2 instances.

Attach a volume to multiple instances with Amazon EBS Multi-Attach.

You can attach a volume to multiple instances with Amazon EBS Multi-Attach.

9
Q

You are a solutions architect working for a biotech company that has a large private cloud deployment using VMware. You have been tasked to set up their disaster recovery solution on AWS. What is the simplest way to achieve this?

Use the VMware landing page on AWS to provision an EC2 instance with VMware vCenter installed on it

Deploy an EC2 instance into a public subnet and install vCenter on it

Purchase VMware Cloud on AWS, leveraging VMware disaster recovery technologies and the speed of AWS cloud to protect your virtual machines

Deploy an EC2 instance into a private subnet and install vCenter on it

A

Purchase VMware Cloud on AWS, leveraging VMware disaster recovery technologies and the speed of AWS cloud to protect your virtual machines

Customers can buy VMware Cloud on AWS directly through AWS and AWS Partner Network (APN) Partners in the AWS Solution Provider Program. This allows customers the flexibility to purchase VMware Cloud on AWS either through AWS or VMware, or the AWS Solution Provider or VMware VPN Solution Provider of their choice. VMware Cloud on AWS offers a Disaster Recovery feature that uses familiar VMware vSphere and Site Recovery Manager technologies while leveraging cloud economics. You can replicate to VMware Cloud on AWS using VMware Site Recovery Manager to one or multiple Software-Defined Data Centers. VMware Site Recovery Manager can help you automate disaster recovery, meet your recovery point objectives (RPOs), and recovery time objectives (RTOs), as well as reduce operational errors. Disaster Recovery sites can be right-sized or scaled up when you need it and down when it is no longer required. AWS Documentation: VMware Cloud on AWS | FAQs.

10
Q

You want to migrate an on-premises Couchbase NoSQL database to AWS. You need this to be as resilient as possible and you want to minimize any management of servers. Preferably, you’d like to go serverless. Which database should you choose?

DynamoDB

RDS

Aurora DB

ElastiCache

A

DynamoDB

DynamoDB is a NoSQL database and has serverless deployment.

11
Q

You are working as a Solutions Architect for an online travel company. Your application is going to use an Auto Scaling group of EC2 instances but you need to have some decoupling to store messages because of high volume. Which AWS service can be added to the solution to meet this requirement?

AWS Simple Workflow Service

RDS read replicas

ElastiCache

AWS SQS

A

AWS SQS

Amazon Simple Queue Service (SQS) is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. SQS eliminates the complexity and overhead associated with managing and operating message-oriented middleware and empowers developers to focus on differentiating work. Using SQS, you can send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available. Get started with SQS in minutes using the AWS console, Command Line Interface, or SDK of your choice, and 3 simple commands. SQS offers 2 types of message queues. Standard queues offer maximum throughput, best-effort ordering, and at-least-once delivery. SQS FIFO queues are designed to guarantee that messages are processed exactly once, in the exact order that they are sent. https://aws.amazon.com/sqs/

12
Q

You have been tasked with designing a strategy for backing up EBS volumes attached to an instance-store-backed EC2 instance. You have been asked for an executive summary on your design, and the executive summary should include an answer to the question, “What can an EBS volume do when snapshotting the volume is in progress”?

The volume can only accommodate reads while a snapshot is in progress.

The volume can only accommodate writes while a snapshot is in progress.

The volume cannot be used while a snapshot is in progress.

The volume can be used normally while the snapshot is in progress.

A

The volume can be used normally while the snapshot is in progress.

You can create a point-in-time snapshot of an EBS volume and use it as a baseline for new volumes or for data backup. If you make periodic snapshots of a volume, the snapshots are incremental; the new snapshot saves only the blocks that have changed since your last snapshot. Snapshots occur asynchronously; the point-in-time snapshot is created immediately, but the status of the snapshot is pending until the snapshot is complete (when all of the modified blocks have been transferred to Amazon S3), which can take several hours for large initial snapshots or subsequent snapshots where many blocks have changed. While it is completing, an in-progress snapshot is not affected by ongoing reads and writes to the volume. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-snapshot.html

13
Q

You work for a large chip manufacturer in Taiwan who has a large dedicated cluster running MongoDB. Unfortunately, they have a large period of downtime and would now like to migrate their MongoDB instance to the AWS cloud. They do not want to make any changes to their application architecture. What AWS service would you recommend to use for MongoDB?

Amazon Neptune

Aurora Serverless

Amazon DocumentDB

Amazon QLDB

A

Amazon DocumentDB

This supports MongoDB and would be suitable in this scenario.

14
Q

You are planning to migrate a complex big data application to AWS using EC2. The application requires complex software to be installed, which typically takes a couple of hours. You need this application to be behind an Auto Scaling group so that it can react in a scaling event. How do you recommend speeding up the installation process when there’s a scale-out event?

Pre-deploy the software on an Application Load Balancer so when there’s a scaling event it will automatically be installed on the EC2 instance.

Create a golden AMI with the software pre-installed.

Create a bootstrap script to automatically install the software.

Create an EBS volume with PIOPS for faster installation performance.

A

Create a golden AMI with the software pre-installed.

This golden AMI would have the software pre-installed and would be ready to use in a scaling event.

15
Q

You have a web application that is hosted on a series of EC2 instances that have an Application Load Balancer in front of them. You have created a new CloudFront distribution. You then set up its origin to point to your ALB. You need to provide access to hundreds of private files served by your CloudFront distribution. What should you use?

CloudFront Signed URLs

CloudFront HTTPS encryption

CloudFront Origin Access Identity

CloudFront signed cookies

A

CloudFront signed cookies

Signed cookies are useful when you want to access multiple files.

16
Q

You need to design a stateless web application tier. Which of the following would NOT help you achieve this?

Store the session data in cookies saved to the users’ browsers.

Save your session data on an EBS volume shared by EC2 instances running across different Availability Zones.

Save your session data in Amazon RDS.

Store the session data in ElastiCache.

A

Save your session data on an EBS volume shared by EC2 instances running across different Availability Zones.

Amazon EBS Multi-Attach enables you to attach a single Provisioned IOPS SSD (io1 or io2) volume to multiple instances that are in the same Availability Zone. This means you cannot have a stateless application with EC2 instances running across different Availability Zones and sharing the same EBS volume. AWS Documentation: Attach a volume to multiple instances with Amazon EBS Multi-Attach.

17
Q

You have an image sharing website that sits on EC2 and uses EBS as the backend storage. Unfortunately, you keep running out of space and you are forced to mount additional EBS volumes. Your boss asks if there are any other services on AWS you can use to store images or videos. What service would you suggest?

CloudWatch

Route53

S3

RDS

A

S3

Amazon Simple Storage Service (Amazon S3) is an object storage service offering industry-leading scalability, data availability, security, and performance.