The Reliability Pillar Flashcards
What’s the minimum level of availability you need to stay under 30 minutes of downtime per month?
99 percent
99.9 percent
99.95 percent
99.999 percent
C. Availability of 99.95 percent translates to about 22 minutes of downtime per month, or 4 hours and 23 minutes per year. Availability of 99.999 percent is less than 30 seconds of downtime per month, but the question calls for the minimum level of availability. Availability of 99 percent yields more than 7 hours of downtime per month, whereas 99.9 percent is more than 43 minutes of downtime per month.
Your application runs on two EC2 instances in one availability zone. An elastic load balancer distributes user traffic evenly across the healthy instances. The application on each instance connects to a single RDS database instance. Assuming each EC2 instance has an availability of 90 percent and the RDS instance has an availability of 95 percent, what is the total application availability?
94.05 percent
99 percent
99.9 percent
99.95 percent
A. The EC2 instances are redundant components, so to calculate their availability, you multiply the component failure rates and subtract the product from 100 percent. In this case, 100% – (10% × 10%) = 99%. Because the database represents a hard dependency, you multiply the availability of the EC2 instances by the availability of the RDS instance, which is 95 percent. In this case, 99% × 95% = 94.05%. A total availability of 99 percent may seem intuitive, but because the redundant EC2 instances have a hard dependency on the RDS instance, you must multiply the availabilities together. A total availability of 99.99 percent is unachievable since it’s well above the availability of any of the components.
Your organization is designing a new application to run on AWS. The developers have asked you to recommend a database that will perform well in all regions. Which database should you recommend for maximum availability?
Multi‐AZ RDS using MySQL
DynamoDB
Multi‐AZ RDS using Aurora
A self‐hosted SQL database
B. DynamoDB offers 99.99 percent availability and low latency. Because it’s distributed, data is stored across multiple availability zones. You can also use DynamoDB global tables to achieve even higher availability: 99.999 percent. Multi‐AZ RDS offerings can provide low latency performance, particularly when using Aurora, but the guaranteed availability is capped at 99.95 percent. Hosting your own SQL database isn’t a good option because, although you could theoretically achieve high availability, it would come at the cost of significant time and effort.
Which of the following can help you increase the availability of a web application? (Choose all that apply.)
Store web assets in an S3 bucket instead of on the application instance.
Use instance classes large enough to handle your application’s peak load.
Scale your instances in.
Scale your instances out.
B, D. One cause of application failures is resource exhaustion. By scoping out large enough instances and scaling out to make sure you have enough of them, you can prevent failure and thus increase availability. Scaling instances in may help with cost savings but won’t help availability. Storing web assets in S3 instead of hosting them from an instance can help with performance but won’t have an impact on availability.
You’ve configured an EC2 Auto Scaling group to use a launch configuration to provision and install an application on several instances. You now need to reconfigure Auto Scaling to install an additional application on new instances. Which of the following should you do?
Modify the launch configuration.
Create a launch template and configure the Auto Scaling group to use it.
Modify the launch template.
Modify the CloudFormation template.
B. You can modify a launch template by creating a new version of it; however, the question indicates that the Auto Scaling group was created using a launch configuration. You can’t modify a launch configuration. Auto Scaling doesn’t use CloudFormation templates.
You create an Auto Scaling group with a minimum group size of 3, a maximum group size of 10, and a desired capacity of 5. You then manually terminate two instances in the group. Which of the following will Auto Scaling do?
Create two new instances
Reduce the desired capacity to 3
Nothing
Increment the minimum group size to 5
A. Auto Scaling strives to maintain the number of instances specified in the desired capacity setting. If the desired capacity setting isn’t set, Auto Scaling will attempt to maintain the number of instances specified by the minimum group size. Given a desired capacity of 5, there should be five healthy instances. If you manually terminate two of them, Auto Scaling will create two new ones to replace them. Auto Scaling will not adjust the desired capacity or minimum group size.
Which of the following can Auto Scaling use for instance health checks? (Choose all that apply.)
ELB health checks
CloudWatch Alarms
Route 53 health checks
EC2 system checks
EC2 instance checks
A, D, E. Auto Scaling monitors the health of instances in the group using either ELB or EC2 instance and system checks. It can’t use Route 53 health checks. Dynamic scaling policies can use CloudWatch Alarms, but these are unrelated to checking the health of instances.
You’re running an application that receives a spike in traffic on the first day of every month. You want to configure Auto Scaling to add more instances before the spike begins and then add additional instances in proportion to the CPU utilization of each instance. Which of the following should you implement? (Choose all that apply.)
Target tracking policies
Scheduled actions
Step scaling policies
Simple scaling policies
B, C. Scheduled actions can adjust the minimum and maximum group sizes and the desired capacity on a schedule, which is useful when your application has a predictable load pattern. To add more instances in proportion to the aggregate CPU utilization of the group, implement step scaling policies. Target tracking policies adjust the desired capacity of a group to keep the threshold of a given metric near a predefined value. Simple scaling policies simply add more instances when a defined CloudWatch alarm triggers, but the number of instances added is not proportional to the value of the metric.
Which of the following provide the most protection against data corruption and accidental deletion for existing objects stored in S3? (Choose two.)
Versioning
Bucket policies
Cross‐region replication
Using the Standard storage class
A, D. Enabling versioning protects objects against data corruption and deletion by keeping before and after copies of every object. The Standard storage class replicates objects across multiple availability zones in a region, guarding against the failure of an entire zone. Bucket policies may protect against accidental deletion, but they don’t guard against data corruption. Cross‐region replication applies to new objects, not existing ones.
You need to maintain three days of backups for binary files stored across several EC2 instances in a spot fleet. What’s the best way to achieve this?
Stream the files to CloudWatch Logs.
Create an Elastic File System and back up the files to it using a cron job.
Create a Snapshot Lifecycle Policy to snapshot each instance every 24 hours and retain the latest three snapshots.
Create a Snapshot Lifecycle Policy to snapshot each instance every 4 hours and retain the latest 18 snapshots.
C. The Data Lifecycle Manager can automatically create snapshots of an EBS volume every 12 or 24 hours and retain up to 1,000 snapshots. Backing up files to EFS is not an option because a spot instance may terminate before the cron job has a chance to complete. CloudWatch Logs doesn’t support storing binary files.
You plan to run multi‐AZ RDS across three availability zones in a region. You want to have two read replicas per zone. Which database engine should you choose?
MySQL
PostgreSQL
MySQL
Aurora
D. Aurora allows you to have up to 15 replicas. MariaDB, MySQL, and PostgreSQL allow you to have only up to five.
You’re running an RDS instance in one availability zone. What should you implement to be able to achieve a recovery point objective (RPO) of five minutes?
Configure multi‐AZ.
Enable automated snapshots.
Add a read replica in the same region.
Add a read replica in a different region.
B. When you enable automated snapshots, RDS backs up database transaction logs about every five minutes. Configuring multi‐AZ will enable synchronous replication between the two instances, but this is useful for avoiding failures and is unrelated to the time it takes to recover a database. Read replicas are not appropriate for disaster recovery because data is copied to them asynchronously, and there can be a significant delay in replication, resulting in an RPO of well over five minutes.
When creating subnets in a VPC, what are two reasons to leave sufficient space in the VPC for more subnets later? (Choose two.)
You may need to add another tier for your application.
You may need to implement RDS.
AWS occasionally adds more availability zones to a region.
You may need to add a secondary CIDR to the VPC.
A, C. AWS sometimes adds additional availability zones to a region. To take advantage of a new zone, you’ll need to be able to add a new subnet in it. You may also decide later that you need another subnet or tier for segmentation or security purposes. RDS doesn’t require a separate subnet. It can share the same subnet with other VPC resources. Adding a secondary CIDR to a VPC doesn’t require adding another subnet.
You plan to deploy 50 EC2 instances, each with two private IP addresses. To put all of these instances in a single subnet, which subnet CIDRs could you use? (Choose all that apply.)
172.21.0.0/25
172.21.0.0/26
10.0.0.0/8
10.0.0.0/21
A, D. Fifty EC2 instances, each with two private IP addresses, would consume 100 IP addresses in a subnet. Additionally, AWS reserves five IP addresses in every subnet. The subnet therefore must be large enough to hold 105 IP addresses. 172.21.0.0/25 and 10.0.0.0/21 are sufficiently large. 172.21.0.0/26 allows room for only 63 IP addresses. 10.0.0.0/8 is large enough, but a subnet prefix length must be at least /16.
You’re currently connecting to your AWS resources using a 10 Gbps Internet connection at your office. You also have end users around the world who access the same AWS resources. What are two reasons you may consider using Direct Connect in addition to your Internet connection? (Choose two.)
Lower latency
Higher bandwidth
Better end‐user experience
Increased security
A, D. Direct Connect offers consistent speeds and latency to the AWS cloud. Because Direct Connect bypasses the public Internet, it’s more secure. For speeds, you can choose 1 Gbps or 10 Gbps, so Direct Connect wouldn’t offer a bandwidth increase over using the existing 10 Gbps Internet connection. Adding a Direct Connect connection wouldn’t have an effect on end‐user experience, since they would still use the Internet to reach your AWS resources.