AWS Solution Architect Associate – Exercise Questions – Part 1

Please comment on this page, if you need any explanation regarding these questions. Check correct answers in Bold & Italic font.

1. You have deployed a three-tier web application in a VPC with a CIDR block of 10.0.0.0/28. You initially deploy two web servers, two application servers, two database servers, and one NAT instance for a total of seven EC2 instances. The web application and database servers are deployed across two Availability Zones (AZs). You also deploy an ELB in front of the web servers and use Route53 for DNS web service. Traffic gradually increases in the first few days following the development, so you attempt to double the number of instances in each tier of the application to handle the new load. Unfortunately, some of these new instances fail to launch. Which of the following could be the root cause? Select all that apply.

SELECT THE CORRECT ANSWER

  1. The Internet Gateway (IGW) of your VPC has scaled-up, adding more instances to handle the traffic spike and reducing the number of available private IP addresses for new instance launches.
  2. AWS reserves one IP address in each subnet’s CIDR block for Route53, so you do not have enough addresses left to launch all of the new EC2 instances.
  3. AWS reserves the first and the last private IP address in each subnet’s CIDR block, so you do not have enough addresses left to launch all of the new EC2 instances.
  4. The ELB has scaled-up, adding more instances to handle the traffic and reducing the number of available private IP addresses for new instance launches.
  5. AWS reserves the first four and the last IP address in each subnet CIDR block, so you do not have enough addresses left to launch all of the new EC2 instances.

2. A social media site needs to mitigate distributed denial-of-service (DDoS) attacks. Identify viable solutions. Select all that apply.

SELECT THE CORRECT ANSWER

  1. Add multiple Elastic Network Interfaces (ENIs) to each instance to increase the network bandwidth.
  2. Use dedicated instances to ensure that each instance has the maximum performance possible.
  3. Use an Amazon CloudFront distribution for both static and dynamic content.
  4. Use an Elastic Load Balancer with Auto Scaling groups at the web, app, and Amazon Relational Database Service (RDS) tiers.
  5. Use Amazon WAF in front of the Web server layer.

3. You have to design the Internet connectivity for your VPC. The web servers must be accessible from the Internet and the application must have a highly available architecture. Which alternatives should you consider? Select all that apply.

SELECT THE CORRECT ANSWER

  1. Configure a NAT instance in your VPC. Create a default route via the NAT instance and associate it with all subnets. Configure a DNS record that points to the public IP address of the NAT instance.
  2. Configure a CloudFront distribution and configure the origin to point to the private IP addresses of your web servers. Configure a Route53 CNAME record to your CloudFront distribution.
  3. Place all your web servers behind an ELB. Configure a Route53 CNAME to point to the ELB DNS failover.
  4. Assign EIPs to all web servers. Configure a Route53 record set with all EIPs, with health checks and DNS failover.
  5. Configure an ELB with an EIP. Place all your web servers behind an ELB. Configure a Route53 record that points to the EIP.

4. Your website is serving on-demand training videos to your workforce. Videos are uploaded monthly in high-resolution MP4 format. Your workforce is distributed globally. They are often on the move and use company-provided tablets that require the HTTP Live Streaming (HLS) protocol to watch a video. Your company has no video transcoding expertise and, if required, you may need to pay for a consultant. How do you implement the most cost-efficient architecture without compromising the high availability and quality of video delivery?

SELECT THE CORRECT ANSWER

  1. Use an Elastic Transcoder to transcode original high-resolution MP4 videos to HLS. Use S3 to host videos with Lifecycle Management to archive original files to Glacier after a few days. You can use CloudFront to retrieve HLS transcoded videos from S3.
  2. Use a video transcoding pipeline running on EC2 using SQS to distribute tasks and Auto Scaling to adjust the number of nodes depending on the length of the queue. Use S3 to host videos with Lifecycle Management to archive all files to Glacier after a few days. Use CloudFront to serve HLS transcoded videos from Glacier.
  3. Use an Elastic Transcoder to transcode original high-resolution MP4 videos to HLS; EBS volumes to host videos and EBS snapshots to incrementally back up original files after a few days, and CloudFront to serve HLS transcoded videos from EC2.
  4. Use a video transcoding pipeline running on EC2 using SQS to distribute tasks and Auto Scaling to adjust the number of nodes depending on the length of the queue. Use EBS volumes to host videos and EBS snapshots to incrementally back up original files after a few days and CloudFront to serve HLS transcoded videos from EC2.

5. You have to choose Amazon EBS for the following requirement: ‘Your Application during bootup needs moderate I/O requirements with 60 IOPS on volumes, on an average.’ Which of the following types of Elastic Block Storage will you choose?

SELECT THE CORRECT ANSWER

  1. Standard EBS Volumes
  2. Provisioned IOPS Volumes
  3. Amazon S3
  4. Amazon Simple DB

6. What would be the best way to set permissions on an S3 bucket if you want to deliver the content over the Internet but only to your employees?

SELECT THE CORRECT ANSWER

  1. Use S3 pre-signed URLs through the API.
  2. Create an S3 account for every employee.
  3. Download the content on your intranet.
  4. Create rules and upload it in a .csv format.

7. Can you directly access the binary logs for your Database Instance to manage your replication?

SELECT THE CORRECT ANSWER

  1. Yes, you can directly access the logs for MySQL-based RDS.
  2. No, you cannot access the logs for any RDS instance.
  3. Yes, you can directly access the logs for Oracle-based RDS.
  4. Yes, you can directly access the logs for MSSQL-based RDS.

8. An AWS customer runs a website. The site users upload two million blog entries a month. The average blog entry size is 200 KB. The access rate to blog entries drops to negligible six months after publication and users rarely access a blog a year after publication. Additionally, blog entries have a high update rate during the first three months following publication and this drops to no updates after six months. The customer wants to use CloudFront to improve his users' load times. Which of the following recommendations would you make to the customer?

SELECT THE CORRECT ANSWER

  1. Duplicate entries into two different buckets and create two separate CloudFront distributions where S3 access is restricted only to CloudFront identity.
  2. Create a CloudFront distribution with U.S./Europe price class for U.S./Europe users and a different CloudFront distribution with all edge locations for the remaining users.
  3. Create a CloudFront distribution with S3 access restricted only to the CloudFront identity. Partition the blog entry’s location in S3 according to the month it was uploaded to be used with CloudFront behaviors.
  4. Create a CloudFront distribution with restricted viewer access, forward query string set to true, and minimum TTL set to 0.

9. Which of the following are true?

SELECT THE CORRECT ANSWER

  1. Security groups can be used to add DENY traffic rules.
  2. Any route table will have one route by default.
  3. There is no separate charge for Instance storage.
  4. AWS takes care of anti-virus updates on EC2 instances.

10. You need to analyze a large amount of data stored on Amazon Elastic MapReduce. You are using the cc2.8xlarge instance type where the CPUs are mostly idle during processing. Which of the following options would be the most cost-efficient way to reduce the runtime of the job?

SELECT THE CORRECT ANSWER

  1. Create smaller files on Amazon S3.
  2. Add additional cc2.8xlarge instances by introducing a task group.
  3. Use smaller instances that have higher aggregate I/O performance.
  4. Create fewer, larger files on Amazon S3.