SAA - Udemy Review

Question 1

What are Application Load Balancers good for?

Answer 1

Micro Services & Container-based applications like Docker and Amazon ECS

The port mapping features helps to redirect to dynamic ports in ECS. If Classic Load Balancer was used, we’d need one per application so ALB is a better choice.

Question 2

What is the port for FTP?

Answer 2

21

Question 3

What is the port for SSH?

Answer 3

22

Question 4

What is the port for SFTP?

Answer 4

22

Question 5

What is the port for HTTP?

Answer 5

80

Question 6

What is the port for HTTPS?

Answer 6

443

Question 7

What are the database ports?

Answer 7

PostgreSQL: 5432
MySQL: 3306
Oracle RDS: 1521
MSSQL Server: 1433
MariaDB: 3306
AuroraPostgreSQL: 5432
AuroraMySQL: 3306

Question 8

Which RDS feature when used does not require you to change SQL connection string regardless of which database is up?

Answer 8

Multi-AZ

Question 9

If you don’t want to enable sticky sessions on your ALB in fear that it will overload some EC2 instances and you have an Auto Scaling Group behind an ALB with a fleet of EC2 instances, what should you do?

Answer 9

Store session data in ElastiCache to ensure different EC2 instances can retrieve user state if needed

Question 10

What allows you to have a replica of your database in a different AWS region in case of a disaster?

Answer 10

Aurora Global Database

Question 11

How can you enhance security of ElastiCache Redis cluster by forcing users to enter a password when they connect?

Answer 11

Use Redis Auth

Question 12

In case of a regional outage for RDS PostgreSQL database so that DB is made available for both read and write workloads in another AWS region where the DR is highly available, what do you recommend?

Answer 12

Create a read replica in a different region and enable Multi-AZ on the read replica.

Question 13

Which uses sync and async replication between RDS Read Replicas and Multi-AZ?

Answer 13

RR uses Async replication and Multi-AZ uses Sync replication

Question 14

How many read replicas can you have for your RDS database?

Answer 14

5

Question 15

Which RDS db does not support IAM db auth?

Answer 15

Oracle

Question 16

How many Aurora read replicas can you have in a single Aurora DB cluster?

Answer 16

15

Question 17

Aurora supports which DBs?

Answer 17

PostgreSQL and MySQL

Question 18

What is an effective and highly available solution for a gaming leaderboard that is ranked in real-time?

Answer 18

ElastiCache for Redis - Sorted Sets

Question 19

What is the A R53 recrod tyep?

Answer 19

maps host name to IPv4

Question 20

What is AAAA?

Answer 20

maps host name to IPV6

Question 21

What does CNAME do?

Answer 21

Map hostname to another hostname with an A or AAAA record

Question 22

What is NS?

Answer 22

Name servers for hosted zone that controls traffic

Question 23

What are the 3 types of health checks via route 53?

Answer 23

Monitor an endpoint (app, server, other AWS resource)
Monitor other health checks (calculated health checks)
Monitor CloudWatch alarms (full control) and is useful for private resources

Question 24

How do monitoring endpoint healthchecks look?

Answer 24

15 health checkers
3 healthy/unhealthy threshold as default
30 second interval
Supporting HTTP and HTTPs and TCP protocols
If >18% it’s healthy, otherwise unhealthy
Can pass based on status code
Pass based on text in first 51020 bytes of response
Need to configure router/firewall to allow incoming requests

Question 25

What are calculated health checks?

Answer 25

Can combine child healthchecks with OR, AND, NOT
Monitor up to 256 child health checks
Specify how many need to pass for this “parent” healthcheck to pass

Question 26

What are thalth checks for private hosted zones?

Answer 26

R53 lives outside of VPC generally and can’t access private endpoints
However, if a cloudwatch metric and cloudwatch alarm is associated, then health check can check the alarm

Question 27

If purchasing domain on 3rd party registrar, how to use R53 through amazon?

Answer 27

Create a public hosted zone

Update the 3rd party registrar NS records (namespace)

Question 28

Can a healthcheck monitor an SQS queue for R53?

Answer 28

No it cannot

Question 29

How to instantiate EC2 instances quickly?

Answer 29

Create golden AMI with applications, OS dependencies, etc.
Add a few small things to user data
Mix golden AMI + user data to instantiate quickly

Question 30

How to instantiate RDS databases quickly?

Answer 30

Restore the database from a snapshot so all schemas and data are ready

Question 31

How to instantiate EBS volumes?

Answer 31

Restore from a snapshot so that the disk is formatted and has data

Question 32

What are the components of Beanstalk?

Answer 32

Aplications
Application Version
Environment with aws resources running an app version
Tiers: web server or worker environment

Question 33

What is the process for beanstalk?

Answer 33

Create application
Upload version
launch environment
manage environment
repeat when versions are updated

Question 34

What are web server tiers?

Answer 34

Traditional architecture with load balancer and ASG with multiple EC2 instances.

Question 35

What are worker environment tiers?

Answer 35

No client accessing EC2 instance, instead there is an SQS queue where the instances are workers that are pulling messages to process them. Can have the web environment push messages into the worker environment.

Question 36

What are the components of an S3 bucket policy?

Answer 36

Version and statement at the top level.

Within the statement:
SID
Effect
Principal
Action []
Resource []

Question 37

What are the block public access options?

Answer 37

New ACLs
Any ACLs
New public bucket or access point policies
ANY public bucket or access point policies

Question 38

Does an explicit deny in an IAM policy take precedence over an S3 bucket policy?

Answer 38

Yes

Question 39

What is the default port for HTTPS, HTTP?

Answer 39

443, 80

Question 40

What is the metadata URL?

Answer 40

http://169.254.169.254/latest/meta-data/

Question 41

What are the 3 retrieval options for Amazon Glacier?

Answer 41

Expedited - 1-5 minutes
Standard - 3-5 hours
Bulk - 5-12 hours

Question 42

What is the minimum storage duration for Amazon Glacier/DeepArchive?

Answer 42

90/180 days

Question 43

What are the retrieval options for Amazon Glacier Deep Archive?

Answer 43

Standard - 12 hours

Bulk - 48 hours