How to prepare for AWS Solutions Architect Associate Exam

Sun, Feb 23, 2020

Read in 5 minutes

Recently I cleared the AWS solutions architect exam. In this blog, I will share my preparation tips and some of the problems that I got in my exam.

AWS services for solutions architect Associate Exam

  1. S3
  2. Ec2
  3. VPN
  4. Route 53
  5. Lamda
  6. Load balancer
  7. SQS, SNS
  8. cloud database – Amazon Aurora, Redshift, RDS
  9. Auto Scaling.
  10. cloud Formation

Most of the questions which I got are from the above services. So, try to get practical knowledge of the above services. I got around 10-15 questions from networking (VPN),5 questions from choosing the correct load balancer type, few questions on selecting correct storage type, few on selecting the database for a scenario and 2 -3 questions on predicting the total number of instances on creating highly available architecture and one question on creating disaster recovery setup.

I could not remember the exact questions but Here I discuss the scenarios and problems.

Scenario#1 : A company has a mobile application that has EC2 instances to process the billing and processed data will be created as an image. Now the images need to be stored in s3. If you store the images from the web tier, the traffic will be high. What is the best way to store the image in S3?

Multiple-choice options:

  1. Directly upload to s3 with pre-signed URL
  2. Create 2 buckets and upload them into one and upload them into another one later with a lambda function.

My Answer: Directly upload to s3 with a pre-signed URL. (Note: this is my understanding and please refer AWS documentation to get a better answer)

Scenario#2 : An Application has web tier in the public subnet, database in the private subnet. The database in the private subnet needs access to the internet to download security patches. select the correct way.

Multiple-choice options:

  1. Create NAT in the public subnet and update the Route table in the private subnet
  2. Create NAT in the public subnet and update the Route table in the public subnet

My Answer: Create NAT in the public subnet and update the Route table in the private subnet.

Scenario#3 : A company need to store 10 TB of raw data, unlikely to be accessed and need to store for auditing purpose.

Multiple-choice options:

  1. S3 Glacier
  2. cold HDD My Answer: S3 Glacier

Scenario#4 : A company has a sales application that is getting performance issues. The reason for that performance issue is, the new dashboard feature that they created has realtime data prediction. select an option from the below list to increase performance.

Multiple-choice options:

  1. Create Read replica
  2. For the dashboard, configure redshift (I selected this)
  3. Enable multi-AZ

Scenario# 5 : Choose the correct load balancer for an application that needs WebSocket.

Multiple-choice options :

  1. application load balancer (I selected this option)
  2. classic load balancer
  3. network load balancer
  4. Cloud front

Scenario# 6: If the application gets any error, you need to configure a global exception page in s3.which one the below option is the best fit for that.

Multiple-choice options :

  1. route 53 failover routing (I selected this option)
  2. Health condition routing.
  3. route 53 alias record should be created for s3 routing.
  4. route 53 CNAME should be created for routing to S3

Scenario# 7: A company has 3 tier architecture application, you have web tier, application tier, and SQL database tier. Currently, DR activity is done manually, that DR activity needs to be automated. So the company wants to move this to the cloud. For high availability what is the best solution?

Multiple-choice options :

  1. Create 2 subnets for web tier and 2 subnets for application tier, RDS Multi-AZ enabled. Decommission the existing DR. (I selected this option)
  2. Have an application in one region and DR in other regions and let the cloud manage it.
  3. Have application infrastructure and DR in a different availability zone.

Scenario# 8: In s3, though you deleted object it is visible in one region it is available in another region. What is the reason for this?

  1. Strong consistency for delete and update.
  2. Eventual consistency for put, new put and delete. (I selected this option)

Scenario# 9: Which is suitable for a messaging broker?

  1. SNS
  2. SQS
  3. SWF
  4. MQ

Scenario# 10: As per the company architect’s decision, the company has to manage the key. Choose the correct option for managing keys.

  1. HSM
  2. S3-KMS
  3. Server-side encryption -CMS (I selected this)

Scenario# 11: An organization data needs to be encrypted at rest and the Key has to be generated in office premises and it can be uploaded in AWS

  1. Server-side encryption -KMS
  2. server-side encryption – key uploaded by the customer (I selected this option)

Scenario# 12: A company has 2 tier application .webtier application created by docker image and my SQL is used for the database. This application needs to be migrated to the cloud. Select the best option.

  1. Use ECS for web tier for running docker and create RDS for my SQL
  2. Use multi ECS containers for both web tier with docker and DB tier.

Scenario# 13: The application uses kinesis for streaming operations. Which had a performance problem because of this streaming. Select the proper way to overcome the problem.

  1. Using update command increase the shards in kinesis. (I selected this)
  2. Enable kinesis for multi-AZ.
  3. Decrease the shares in the kinesis.

Scenario# 14: Application has high critical business data, a batch needs to be run on every weekend night for 8 hours without any interception .which instance will be suitable?

  1. On demand
  2. Reserved
  3. Spot
  4. Scheduled reserved (I selected this)

Scenario# 15: The company launched a website where users can upload images in S3. Due to the high volume of traffic, they want to include authentication. select the correct option for this scenario.

  1. Use Cognito authentication
  2. IAM role permission.
  3. pre-signed URL to access the bucket in s3 (I selected this).

Scenario# 16: The Redis cluster needs authentication. What are the possible ways?

  1. Redis Auth
  2. I forgot the other options

Scenario# 17: Files need to be shared between teams and only the authorized team member should have access to their team folder. What is the best way to achieve this in the cloud?

  1. EFS (I selected this option)
  2. S3

Scenario# 18: How to do encryption for EBS volume?

I forgot the options.