style="font-size:15px;"> 11. D. Amazon RDS connection strings are based on Amazon Route 53 DNS. Inside Amazon RDS, they are referred to as endpoints. Endpoints include both the DNS name and the port number for the database instance.
12. A. Amazon EBS volumes must reside within the same Availability Zone (AZ) as the instance to which you are attaching the volume.
13. A. You can create an Amazon Aurora Read Replica to sync data from an Amazon RDS for MySQL source. By failing over to the replica, you can efficiently migrate between databases. Use a manual snapshot to pre-populate the read replica.
14. B. An Amazon RDS instance in a Multi-AZ deployment will automatically fail from a failed primary node to the standby node.
15. D. An Amazon DynamoDB database is replicated across three facilities in an AWS Region automatically.
16. C. Amazon ElastiCache provides an in-memory cache that can cache frequently read data and alleviate common read queries from hitting your database layer.
17. A. Elastic IPs are associated with the account, not the Amazon EC2 instance. However, unassigned Elastic IPs incur a charge. This is to discourage hoarding of IP addresses.
18. B. IAM should not be used because content will be accessed by individuals who do not have an IAM account. The LIST Distribution API just lists distributions; it does not control access. Origin Access Identity (OAI) is how you control access to content in an Amazon S3 object, not an Amazon CloudFront Distribution.
19. C. Amazon DynamoDB does not support the AWS Key Management Service (AWS KMS) nor server-side encryption. You can use customer-side encryption to store encrypted data in Amazon DynamoDB.
20. A. Amazon DynamoDB is a fast and flexible NoSQL database service for all applications that need consistent, single-digit millisecond latency at any scale. It is fully managed, and it supports both document and key-value store models.
21. D. Amazon SQS provides a scalable message queueing service, which allows the operator to avoid the undifferentiated heavy lifting associated with running a traditional message queuing application.
22. D. AWS Direct Connect uses the VPN Gateway as the gateway to the VPC. You can create a VPC that only has a VPN Gateway attached to it.
23. C. You can configure health checks, which are used to monitor the health of the registered instances so that the load balancer can send requests only to the healthy instances.
24. B. When you use Auto Scaling to scale your applications automatically, it is useful to know when Auto Scaling is launching or terminating the Amazon EC2 instances in your Auto Scaling group. Amazon SNS coordinates and manages the delivery or sending of notifications to subscribing clients or endpoints. You can configure Auto Scaling to send a SNS notification whenever your Auto Scaling group scales. AWS Lambda blocks port 25, the SMTP port, therefore it is not possible to send emails with Lambda.
25. A. Spot instances provide you with access to unused Amazon EC2 capacity at steep discounts relative to On-Demand prices. The Spot price fluctuates based on the supply and demand of available unused EC2 capacity.
Chapter 1
Introduction to Systems Operations on AWS
THE AWS CERTIFIED SYSOPS ADMINISTRATOR – ASSOCIATE EXAM TOPICS COVERED IN THIS CHAPTER MAY INCLUDE, BUT ARE NOT LIMITED TO, THE FOLLOWING:
Domain 4.0: Deployment and Provisioning
✔ 4.1 Demonstrate ability to build the environment to conform with the architectural design
✔ 4.2 Demonstrate ability to provision cloud resources and manage implementation automation
Content may include the following:
■ How to deploy cloud services
■ Familiarity with three-tier architectures
■ Deploying serverless architectures
Domain 6.0: Security
✔ 6.1 Ensure data integrity and access controls when using the AWS platform
Content may include the following:
■ AWS shared responsibility model
■ AWS Cloudtrail
■ Amazon EC2 Security Groups
■ Network access control lists (ACLs)
Domain 7.0: Networking
✔ 7.1 Demonstrate the ability to implement networking features on AWS
Content may include the following:
■ Amazon Virual Private Cloud (Amazon VPC)
Systems Operators
You are a systems operator, and it is your job to keep your application environments running at maximum performance at all times. Just as a pit crew enables the racecar driver to win a race, systems operators are the pit crew – they help end users function successfully in their day-to-day jobs. You are an AWS systems operator, and this book will help you obtain the AWS Certified SysOps Administrator – Associate certification.
You might find yourself manually installing common, off-the-shelf packages on standalone instances. You might be coordinating an enterprise-wide effort to embrace fully-automated continuous deployment/continuous integration. Wherever you are on that spectrum, the responsibility to get it running in the first place falls on your shoulders.
However, deployment comprises much more than initializing systems. As enterprises evolve from monolithic application servers to container services, micro services, and serverless architectures, keeping up with the continuous stream of service updates requires attention and automation that you must manage.
You might have a wall of monitors, all rendering real-time data on the environments in your care. You might have fully-automated alert functions that respond to changes in behavior, repairing or replacing failing parts and keeping you informed of these adjustments.
Nonetheless, you are monitoring much more than just network latency or CPU consumption. You have analytic engines that trace patterns in user behaviors – both consumers and employees. Your bots constantly review log files, looking for unusual activity and notifying you of anomalies.
As a systems operator, you are your company’s best agent for maximizing performance because your analytics help you choose the correct infrastructure configuration, the optimal storage methods, and the best possible customer outcome.
By 123net – Own work, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php? curid=17384917
However, you do more than optimize for speed; you optimize for cost. By using elastic environments, your
