AWS-CSAA-Cheat-Sheet.pdf


GETTING STARTED

WELCOME

Thanks for purchasing these training notes for the AWS Certified Solutions Architect Associate exam from Digital Cloud Training. The information in this document relates to the latest SAA-C02 version of the exam.

The SAA-C02 exam covers a broad set of AWS services and the aim of putting this information together is to provide a centralized, detailed list of the facts you need to know before you sit the exam. This will shortcut your study time and maximize your chance of passing the exam first time.

I hope you get great value from this resource and wish you all the best with your AWS Certified Solutions Architect Associate exam.

Neal Davis
AWS Solutions Architect & Founder of Digital Cloud Training

© 2020 Digital Cloud Training

ABOUT THESE TRAINING NOTES

This document does not read like a book or instructional text. We provide a raw, point-to-point list of facts backed by tables and diagrams to help with understanding.

For easy navigation, the information on each AWS service in this document is organized into the same categories as they are in the AWS Management Console.

The scope of coverage of services, and what information is included for each service, is based on feedback from our pool of over 40,000 students who have taken the exam, as well as our own experience - and may differ between AWS services.

To test your understanding, we have added 80 quiz questions that you will find at the end of each major chapter. Please note that quiz questions that are numbered are primarily designed as a tool to review your knowledge of the content that was presented within the section. Quiz questions that are lettered represent the AWS exam style or difficulty. You will also find examples of exam style practice questions within the chapter "How to best prepare for your exam".
YOUR PATHWAY TO SUCCESS

If you’re new to AWS, we’d suggest first enrolling in the online instructor-led AWS Certified Solutions Architect Associate Hands-on Labs Video Course from Digital Cloud Training to familiarize yourself with the AWS platform before returning to the Training Notes to get a more detailed understanding of the AWS services.

To assess where you are at on your AWS journey, we recommend taking the AWS Certified Solutions Architect Associate Practice Exams on the Digital Cloud Training website. The online exam simulator with over 500 unique questions will help you identify your strengths and weaknesses. These practice tests are designed to reflect the difficulty of the AWS exam and are the closest to the real exam experience available.

As a final step, use these training notes to focus your study on the knowledge areas where you need it most.

CONTACT, SUPPORT & FEEDBACK

We hope you get great value from these training resources. If for any reason you are not 100% satisfied, please message us at [email protected]

For technical support, contact us at: [email protected]

The AWS platform is evolving quickly, and the exam tracks these changes with a typical lag of around 6 months. We are therefore reliant on student feedback to keep track of what is appearing in the exam.

Our private Facebook group is a great place to ask questions and share knowledge and exam tips with the AWS community. Please join the discussion and share your exam feedback to our Facebook group:

HOW TO BEST PREPARE FOR YOUR EXAM

THE AWS EXAM BLUEPRINT

The AWS Certified Solutions Architect Associate exam is recommended for individuals with at least one year of hands-on experience.
The exam is intended for Solutions Architects and requires you to demonstrate knowledge of how to define a solution using architectural design principles based on customer requirements and provide implementation guidance based on best practices to the organization throughout the lifecycle of the project.

In the official Exam Guide for the AWS Certified Solutions Architect, the following AWS knowledge is recommended:

• One year of hands-on experience designing available, cost-efficient, fault-tolerant, and scalable distributed systems on AWS.
• Hands-on experience using compute, networking, storage and database AWS services.
• Hands-on experience with AWS deployment and management services.
• Ability to identify and define technical requirements for an AWS-based application.
• Ability to identify which AWS services meet a given technical requirement.
• Knowledge of recommended best practices for building secure and reliable applications on the AWS platform.
• An understanding of the basic architectural principles of building on the AWS cloud.
• An understanding of the AWS global infrastructure.
• An understanding of network technologies as they relate to AWS.
• An understanding of security features and tools that AWS provides and how they relate to traditional services.

The exam includes 65 questions and has a time limit of 130 minutes. You need to score a minimum of 720 out of 1000 points to pass the exam.

The question format of the exam is multiple-choice (one correct response from four options) and multiple response (two or more correct responses from five or more options).

The questions are 100% scenario based with most scenarios being just a couple to a few lines long. You will find there are often multiple correct answers and you must select the answer that best fits the scenario. For instance, you may be asked to select the MOST secure, MOST cost-effective, BEST architecture or LEAST complex option.
Important: Be very careful reading the wording of the question to ensure you select correctly. Sometimes small details can be easily missed that change the answer so take your time when sitting the exam.

DOMAINS, OBJECTIVES AND EXAMPLES

The knowledge required is organized into four test “domains”. Within each test domain, there are several objectives that broadly describe the knowledge and experience required to pass the exam.

Test Domain 1: Design Resilient Architectures

This domain makes up 30% of the exam and includes the following four objectives:

1.1 Design a multi-tier architecture solution.
1.2 Design highly available and/or fault-tolerant architectures.
1.3 Design decoupling mechanisms using AWS services.
1.4 Choose appropriate resilient storage.

What you need to know

You need to understand the various block, file and object storage technologies such as Amazon EBS, Instance Store, Amazon EFS, Amazon S3, and Amazon FSx and know their use cases.

You must be able to design multi-tier application architectures and know how to decouple application components using technologies such as Amazon SQS and Amazon SWF. The architectures also need to be highly available in the case of component failure, and able to recover in the case of major outages, so you need to know the various ways of implementing high availability and fault tolerance. Technologies you need to understand include Amazon Elastic Load Balancing, Amazon Route 53 and Amazon RDS Read Replicas and Multi-AZ.

You also need to understand the AWS Global Infrastructure in order to determine how to design application stacks to best use the underlying infrastructure architecture.

Example Questions

Question: You are a Solutions Architect at a media company, and you need to build an application stack that can receive customer comments from sporting events. The application is expected to receive significant load that could scale to millions of messages within a short space of time following high-profile matches. As you are unsure of the load required for the database layer what is the most cost-effective way to ensure that the messages are not dropped?

1. Use RDS Auto Scaling for the database layer which will automatically scale as required
2. Create an SQS queue and modify the application to write to the SQS queue. Launch another application instance that polls the queue and writes messages to the database
3. Write the data to an S3 bucket, configure RDS to poll the bucket for new messages
4. Use DynamoDB and provision enough write capacity to handle the highest expected load

Answer: 2, Amazon Simple Queue Service (Amazon SQS) offers a reliable, highly scalable, hosted queue for storing messages in transit between computers and is used for distributed/decoupled applications. This is a great use case for SQS as you don’t have to over-provision the database layer or worry about messages being dropped.

Question: A new Big Data application you are developing will use hundreds of EC2 instances to write data to a shared file system. The file system must be stored redundantly across multiple AZs within a region and allow the EC2 instances to concurrently access the file system. The required throughput is multiple GB per second. From the options presented which storage solution can deliver these requirements?

1. Amazon EBS using multiple volumes in a RAID 0 configuration
2. Amazon S3
3. Amazon EFS
4. Amazon Storage Gateway

Answer: 3, Amazon EFS is the best solution as it is the only solution that is a file-level storage solution (not block/object-based), stores data redundantly across multiple AZs within a region and you can concurrently connect up to thousands of EC2 instances to a single filesystem.

Test Domain 2: Design High-Performing Architectures

This domain makes up 28% of the exam and includes the following objectives:

2.1 Identify elastic and scalable compute solutions for a workload.
2.2 Select high-performing and scalable storage solutions for a workload.
2.3 Select high-performing networking solutions for a workload.
2.4 Choose high-performing database solutions for a workload.

What you need to know

You need to be able to select the best storage and database services to use for a given scenario, taking into account requirements for performance. Technologies to increase performance may include a caching layer such as Amazon ElastiCache, Amazon DynamoDB DAX, or Amazon CloudFront and you must be able to select the best service to use in the situation presented.

You must know how to effectively implement elasticity and scalability to your application architectures. This means understanding at an architectural and implementation level what to use and how to build it. Elasticity and scalability services you need to understand include AWS Auto Scaling, EC2 Auto Scaling, and how to implement these features at the application, storage, and database layers of your application using AWS technology.

Example Questions

Question: A developer is creating a solution for a real-time bidding application for a large retail company that allows users to bid on items of end-of-season clothing. The application is expected to be extremely popular and the back-end DynamoDB database may not perform as required. How can the Solutions Architect enable in-memory read performance with microsecond response times for the DynamoDB database?

1. Configure DynamoDB Auto Scaling
2. Enable read replicas
3. Increase the provisioned throughput
4. Configure Amazon DAX

Answer: 4, Amazon DynamoDB Accelerator (DAX) is a fully managed, highly available, in-memory cache for DynamoDB that delivers up to a 10x performance improvement – from milliseconds to microseconds – even at millions of requests per second. You can enable DAX for a DynamoDB database with a few clicks.
Question: A Solutions Architect is designing a workload that requires a high-performance object-based storage system that must be shared with multiple Amazon EC2 instances. Which AWS service delivers these requirements?

1. Amazon S3
2. Amazon EFS
3. Amazon EBS
4. Amazon ElastiCache

Answer: 1, Amazon S3 is an object-based storage system. Though object storage systems aren’t mounted and shared like filesystems or block-based storage systems, they can be shared by multiple instances as they allow concurrent access.

Test Domain 3: Design Secure Applications and Architectures

This domain makes up 24% of the exam and includes the following three objectives:

3.1 Design secure access to AWS resources.
3.2 Design secure application tiers.
3.3 Select appropriate data security options.

What you need to know

You need to understand how to use native AWS technologies and solution architecture to create secure applications. This includes configuring security controls for authentication, authorization, and access and applying encryption to data.

You need to know how to design isolation and separation through AWS service architecture, Amazon EC2 instance deployment options and Amazon VPC configuration.

It is also recommended to understand the best practices for implementing services in the most secure manner and best practices for creating users, groups, and roles using AWS IAM. Which services can use multi-factor authentication is also required knowledge and you should understand the available AWS Directory Services at a high-level and when to use them.

Questions often come up asking you to identify which technologies include DDoS mitigation and these include AWS Auto Scaling, Amazon CloudFront, and Amazon Route 53. You should also know how to implement monitoring and logging using Amazon CloudWatch and AWS CloudTrail, when and what penetration testing you are allowed to perform within the AWS cloud and what compliance programs AWS comply with.
Technologies you need to know for domain 3 include Amazon VPC, AWS KMS, AWS CloudHSM, AWS IAM, Amazon Cognito, and AWS Directory Services.

Example Questions

Question: The development team at your company have created a new mobile application that will be used by users to access confidential data. The developers have used Amazon Cognito for authentication, authorization, and user management. Due to the sensitivity of the data, there is a requirement to add another method of authentication in addition to a username and password. You have been asked to recommend the best solution. What is your recommendation?

1. Integrate IAM with a user pool in Cognito
2. Enable multi-factor authentication (MFA) in IAM
3. Integrate a third-party identity provider (IdP)
4. Use multi-factor authentication (MFA) with a Cognito user pool

Answer: 4, You can use MFA with a Cognito user pool (not in IAM) and this satisfies the requirement. A user pool is a user directory in Amazon Cognito. With a user pool, your users can sign-in to your web or mobile app through Amazon Cognito. Your users can also sign-in through social identity providers like Facebook or Amazon, and through SAML identity providers.

Question: You have been asked to come up with a solution for providing single sign-on to existing staff in your company who manage on-premise web applications and now need access to the AWS management console to manage resources in the AWS cloud. Which product combinations provide the best solution to achieve this requirement?

1. Use your on-premise LDAP directory with IAM
2. Use IAM and MFA
3. Use the AWS Secure Token Service (STS) and SAML
4. Use IAM and Amazon Cognito

Answer: 3, Single sign-on using federation allows users to log-in to the AWS console without assigning IAM credentials. The AWS Security Token Service (STS) is a web service that enables you to request temporary, limited-privilege credentials for IAM users or for users that you authenticate (such as federated users from an on-premise directory). Federation (typically Active Directory) uses SAML 2.0 for authentication and grants temporary access based on the users’ AD credentials. The user does not need to be a user in IAM.

Test Domain 4: Design Cost-Optimized Architectures

This domain makes up 18% of the exam and includes the following objectives:

4.1 Identify cost-effective storage solutions.
4.2 Identify cost-effective compute and database services.
4.3 Design cost-optimized network architectures.

What you need to know

A relatively small but still important area of the exam requires architects to consider cost-effectiveness when deploying applications on AWS. You need to understand the various cost models of compute and storage services, what you pay for and what the best choices would be given a specific scenario.

Example Questions

Question: You need to run a production batch process quickly that will use several EC2 instances. The process cannot be interrupted and must be completed within a short time period. What is likely to be the MOST cost-effective choice of EC2 instance type to use for this requirement?

1. Reserved instances
2. Spot instances
3. On-demand instances
4. Flexible instances

Answer: 3, the key requirements here are that you need to deploy several EC2 instances quickly to run the batch process and you must ensure that the job completes. The on-demand pricing model is the best for this ad-hoc requirement. Though spot pricing may be cheaper, you cannot afford to risk that the instances are terminated by AWS when the market price increases.

Question: An Architect is designing a serverless application that will accept images uploaded by users from around the world. The application will make API calls to back-end services and save the session state data of the user to a database. Which combination of services would provide a solution that is cost-effective while delivering the least latency?

1. Amazon CloudFront, API Gateway, Amazon S3, AWS Lambda, DynamoDB
2. API Gateway, Amazon S3, AWS Lambda, DynamoDB
3. Amazon CloudFront, API Gateway, Amazon S3, AWS Lambda, Amazon RDS
4. Amazon S3, API Gateway, AWS Lambda, Amazon RDS

Answer: 1, Amazon CloudFront caches content closer to users at Edge locations around the world. This is the lowest latency option for uploading content. API Gateway and AWS Lambda are present in all options. DynamoDB can be used for storing session state data.

TABLE OF CONTENTS

GETTING STARTED
• Welcome
• About these Training Notes
• Your Pathway to Success
• Contact, Support & Feedback
• How to Best Prepare for your Exam

COMPUTE
• Amazon EC2
• Amazon EBS
• Elastic Load Balancing
• AWS Auto Scaling
• Amazon ECS
• AWS Lambda
• AWS Elastic Beanstalk
• Compute Quiz Questions