22 A. An EC2 instance in a private subnet still has access to Amazon's private DNS servers, which can resolve records stored in public hosted zones. See Chapter 8 for more information.
23 C. Geoproximity routing routes users to the location closest to them. Geolocation routing requires you to create records for specific locations or create a default record. See Chapter 8 for more information.
24 A. Route 53 is a true DNS service in that it can host zones for any domain name. You can also register domain names with or transfer them to Route 53. See Chapter 8 for more information.
25 B. Lambda is a highly available, reliable, “serverless” compute platform that runs functions as needed and scales elastically to meet demand. EC2 spot instances can be shut down on short notice. See Chapter 10 for more information.
26 A. A simple scaling policy changes the group size and then has a cooldown period before doing so again. Step scaling policies don't have cooldown periods. Target tracking policies attempt to keep a metric at a set value. PercentChangeInCapacity is a simple scaling adjustment type, not a scaling policy. See Chapter 10 for more information.
27 A. Auto Scaling always attempts to maintain the minimum group size or, if set, the desired capacity. See Chapter 10 for more information.
28 D. ElastiCache supports Memcached and Redis, but only the latter can store data persistently. See Chapter 11 for more information.
29 B. Puppet is a configuration management platform that AWS offers via OpsWorks but is not itself an AWS service. See Chapter 11 for more information.
30 B. S3 cross‐region replication transfers objects between different buckets. Transfer acceleration uses a CloudFront edge location to speed up transfers between S3 and the Internet. See Chapter 11 for more information.
31 A. You can deactivate STS for all regions except US East. See Chapter 12 for more information.
32 A. GuardDuty looks for potentially malicious activity. Inspector looks for vulnerabilities that may result in compromise. Shield and Web Application Firewall protect applications from attack. See Chapter 12 for more information.
33 A. Applying encryption to an unencrypted object will create a new, encrypted version of that object. Previous versions remain unencrypted. See Chapter 12 for more information.
34 C. On‐demand instances will continue to run and incur costs. Reserved instances cost the same whether they're running or stopped. Spot instances will be terminated when the spot price exceeds your bid price. See Chapter 13 for more information.
35 A. The EBS Lifecycle Manager can take scheduled snapshots of any EBS volume, regardless of attachment state. See Chapter 13 for more information.
36 C. Elastic Container Service lets you run containers that can launch in a matter of seconds. EC2 instances take longer. Lambda is “serverless,” so you can't use it to run a web server. CloudFront provides caching but isn't a web server. See Chapter 13 for more information.
37 A. Almost everything in CloudFormation is case sensitive. See Chapter 14 for more information.
38 A, C. CodeDeploy looks for the appspec.yml file with the application files it is to deploy, which can be stored in S3 or on GitHub. See Chapter 14 for more information.
39 B. You can use CodeDeploy to deploy an application to Lambda or EC2 instances. But an AWS Systems Manager command document works only on EC2 instances. See Chapter 14 for more information.
Chapter 1 Introduction to Cloud Computing and AWS
The cloud is where much of the serious technology innovation and growth happens these days, and Amazon Web Services (AWS), more than any other, is the platform of choice for business and institutional workloads. If you want to be successful as an AWS solutions architect, you'll first need to understand what the cloud really is and how Amazon's end of it works.
TO MAKE SURE YOU'VE GOT THE BIG PICTURE, THIS CHAPTER WILL EXPLORE THE BASICS:
What makes cloud computing different from other applications and client‐server models
How the AWS platform provides secure and flexible virtual networked environments for your resources
How AWS provides such a high level of service reliability
How to access and manage your AWS‐based resources
Where you can go for documentation and help with your AWS deployments
Cloud Computing and Virtualization
The technology that lies at the core of all cloud operations is virtualization. As illustrated in Figure 1.1, virtualization lets you divide the hardware resources of a single physical server into smaller units. That physical server could therefore host multiple virtual machines (VMs) running their own complete operating systems, each with its own memory, storage, and network access.
FIGURE 1.1 A virtual machine host
Virtualization's flexibility makes it possible to provision a virtual server in a matter of seconds, run it for exactly the time your project requires, and then shut it down. The resources released will become instantly available to other workloads. The usage density you can achieve lets you squeeze the greatest value from your hardware and makes it easy to generate experimental and sandboxed environments.
Cloud Computing Architecture
Major cloud providers like AWS have enormous server farms where hundreds of thousands of servers and disk drives are maintained along with the network cabling necessary to connect them. A well‐built virtualized environment could provide a virtual server using storage, memory, compute cycles, and network bandwidth collected from the most efficient mix of available sources it can find.
A cloud computing platform offers on‐demand, self‐service access to pooled compute resources where your usage is metered and billed according to the volume you consume. Cloud computing