AWS SAA-C03 Practice Question #1 – EC2

Question #1

A global e-commerce company processes a steady workload of order reconciliation and inventory updates every night from 11 PM to 4 AM. Previously, this workload was handled in an on-premises data center, but the company has decided to migrate to AWS to optimize costs. The process requires reserved compute capacity and must run without any interruptions.

As a Senior Solutions Architect, which option would provide the most cost-effective solution for their AWS architecture?

A. Use On-Demand EC2 instances, which allow paying per second for the instances launched while reserving compute capacity in a specific Availability Zone to prevent interruptions.
B. Use Regional Reserved Instances, which reserve capacity in a specific Availability Zone and lower operational costs with billing discounts.
C. Use On-Demand Capacity Reservations, which ensure that compute capacity is always available in a specific Availability Zone on a scheduled, recurring basis.
D. Use Dedicated Hosts, which provide a fully dedicated physical host to run instances, allowing the company to bring existing per-socket, per-core, or per-VM software licenses to reduce costs.


Correct Answer:

C. Use On-Demand Capacity Reservations, which provide compute capacity that is always available on a predefined recurring schedule.


Explanation:

On-Demand Capacity Reservations guarantee compute capacity in a specific Availability Zone without requiring long-term commitments. This is the best choice for workloads that:
✔ Require guaranteed capacity at a specific time every night.
✔ Run on a predefined schedule, making Spot Instances unsuitable.
✔ Need high availability and reliability without overpaying for long-term Reserved Instances.

Why Not the Other Options?

A. On-Demand EC2 Instances – These provide flexibility, but they do not guarantee availability in a specific Availability Zone, which could lead to processing delays.
B. Regional Reserved Instances – While Reserved Instances offer cost savings, they do not guarantee capacity in a specific Availability Zone, which is a critical requirement for this workload.
D. Dedicated Hosts – These are more expensive and designed for special licensing requirements rather than cost-effective compute reservations for financial workloads.

Key Takeaway:

If capacity in a specific AZ is required, but you don’t want to commit to a long-term Reserved Instance, On-Demand Capacity Reservations are the best solution for cost-optimized, predictable workloads.


Question #2

A global SaaS provider needs to deploy at least two Amazon EC2 instances to handle its normal application workloads and automatically scale up to six instances during traffic spikes. The system processes critical business transactions and must be highly available and fault-tolerant.

As a Solutions Architect, what should be done to meet this requirement?

A. Create an Auto Scaling group of EC2 instances and set the minimum capacity to 2 and the maximum capacity to 6. Use 2 Availability Zones and deploy 1 instance for each AZ.
B. Create an Auto Scaling group of EC2 instances and set the minimum capacity to 2 and the maximum capacity to 4. Deploy 2 instances in Availability Zone A and 2 instances in Availability Zone B.
C. Create an Auto Scaling group of EC2 instances and set the minimum capacity to 4 and the maximum capacity to 6. Deploy 2 instances in Availability Zone A and another 2 instances in Availability Zone B.
D. Create an Auto Scaling group of EC2 instances and set the minimum capacity to 2 and the maximum capacity to 6. Deploy 4 instances in Availability Zone A.


Correct Answer:

C. Create an Auto Scaling group of EC2 instances and set the minimum capacity to 4 and the maximum capacity to 6. Deploy 2 instances in Availability Zone A and another 2 instances in Availability Zone B.


Explanation:

For high availability and fault tolerance, the architecture must:
✔ Use an Auto Scaling group to dynamically adjust the number of instances based on demand.
✔ Deploy instances across multiple AZs to avoid a single point of failure.
✔ Ensure at least two instances are always running in normal conditions.
✔ Set the minimum capacity to 4 so that even if an entire AZ fails, at least 2 instances remain operational in the other AZ.
✔ Set the maximum capacity to 6 to handle peak loads.

Why Not the Other Options?

A. Only deploying 1 instance per AZ does not meet the requirement for at least 2 instances always running in normal conditions. If one AZ fails, only 1 instance would remain, which is insufficient.
B. Setting the maximum capacity to 4 does not meet the requirement to scale up to 6 instances during peak load.
D. Deploying all instances in a single AZ (4 instances in AZ A) violates high availability principles and creates a single point of failure.

By setting the minimum capacity to 4 and distributing instances across two AZs, the architecture ensures fault tolerance while meeting both normal and peak load demands.


Question #3

A digital content company runs a video processing application on Amazon EC2. Each EC2 instance pulls tasks from a queue, processes the video, and stores the output. If an instance fails during processing, the task is automatically picked up by another instance. Due to a sudden surge in video uploads, there is a large backlog that needs to be processed quickly.

Your manager wants to add more EC2 instances to clear the backlog but only needs them temporarily. Cost optimization is a key requirement.

Which type of Amazon EC2 instance should be used in this scenario?

A. Dedicated instances
B. On-demand instances
C. Spot instances
D. Reserved instances


Correct Answer:

C. Spot instances

Explanation:

Spot instances are the most cost-effective choice for this scenario because:

  • Spot instances are available at up to 90% lower cost than On-Demand instances.
  • The workload is fault-tolerant, meaning if an instance is interrupted, another instance can take over.
  • Since the additional instances are only needed temporarily, Spot instances provide a flexible and low-cost option.

Why Not the Other Options?

A. Dedicated instances – These are more expensive and typically used for workloads with strict compliance or licensing requirements, which are not needed here.
B. On-demand instances – While they provide flexibility, they are significantly more expensive than Spot instances for temporary workloads.
D. Reserved instances – Reserved Instances are cost-effective only for long-term, steady workloads. Since the additional capacity is needed temporarily, Reserved Instances would be a waste of resources.

By using Spot instances, the company can quickly scale up processing power at a significantly lower cost, making it the best option for reducing the backlog efficiently.


Question #4

A fitness tracking company has developed a personalized nutrition application that generates weekly meal plans and tracks food consumption. The application runs on an Amazon EC2 instance and needs to access multiple AWS services, including an Amazon S3 bucket for storing user meal data.

Which of the following is the best way to allow the EC2 instance to access the S3 bucket and other AWS services securely?

A. Store the API credentials in a configuration file inside the EC2 instance.
B. Create an IAM role and assign it to the EC2 instance.
C. Add the API credentials to the Security Group associated with the EC2 instance.
D. Store the API credentials on a bastion host and retrieve them when needed.


Correct Answer:

B. Create an IAM role and assign it to the EC2 instance.

Explanation:

The best practice for granting an EC2 instance access to AWS services securely is to use IAM roles because:

  • IAM roles eliminate the need for storing API credentials in the instance, reducing security risks.
  • The temporary credentials assigned to the role are automatically managed and rotated by AWS.
  • The EC2 instance can access AWS services without manual credential management, making it both secure and scalable.

Why Not the Other Options?

A. Storing API credentials inside the EC2 instance – This is a security risk because credentials can be exposed if the instance is compromised.
C. Adding credentials to a Security Group – Security Groups control network traffic, not IAM permissions, so this method is incorrect.
D. Storing credentials on a bastion host – This is not a best practice and adds unnecessary complexity without enhancing security.

By using an IAM role, the EC2 instance can access AWS services securely, following AWS security best practices.
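
An added example (not part of the original page) of auditing for the anti-pattern in option A: it flags instances that have no instance profile attached and finds long-term access key IDs left in configuration text. The inventory records and file contents are constructed samples; `AKIA` and `ASIA` are the AWS-documented prefixes for long-term and temporary access key IDs.

```python
import re

# AWS access key IDs are 20 characters: a 4-letter prefix plus 16 more.
# AKIA = long-term IAM user key, ASIA = temporary STS key (as issued to a role).
KEY_ID = re.compile(r"\b(AKIA|ASIA)[A-Z0-9]{16}\b")

# Constructed sample shaped like entries from EC2 DescribeInstances output.
INSTANCES = [
    {"InstanceId": "i-0aaa111122223333a",
     "IamInstanceProfile": {"Arn": "arn:aws:iam::111122223333:instance-profile/meal-app"}},
    {"InstanceId": "i-0bbb444455556666b"},  # no role attached
]

# Constructed file contents per instance, as a configuration scan might collect them.
CONFIG_FILES = {
    "i-0aaa111122223333a": "bucket = user-meal-data\nregion = us-east-1\n",
    "i-0bbb444455556666b": "aws_access_key_id = AKIAIOSFODNN7EXAMPLE\nbucket = user-meal-data\n",
}


def find_key_ids(text):
    """Return (key_id, kind) for each access key ID found in text."""
    kinds = {"AKIA": "long-term", "ASIA": "temporary"}
    return [(m.group(0), kinds[m.group(1)]) for m in KEY_ID.finditer(text)]


def audit(instances, config_files):
    """Flag instances without a role and instances holding long-term keys."""
    findings = []
    for inst in instances:
        iid = inst["InstanceId"]
        if "IamInstanceProfile" not in inst:
            findings.append((iid, "no instance profile attached"))
        for key_id, kind in find_key_ids(config_files.get(iid, "")):
            if kind == "long-term":
                # Report a masked form so the audit output does not repeat the ID.
                findings.append((iid, f"stored long-term key {key_id[:4]}...{key_id[-4:]}"))
    return findings


if __name__ == "__main__":
    for iid, issue in audit(INSTANCES, CONFIG_FILES):
        print(iid, "-", issue)
```

An instance that uses a role correctly holds only `ASIA` keys, delivered at runtime, so any `AKIA` match in a file on disk is worth investigating.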


Question #5

A technology company has deployed a highly available architecture using an Elastic Load Balancer (ELB) and multiple Amazon EC2 instances, which are managed through Auto Scaling across three Availability Zones. The company wants to monitor a specific performance metric for its EC2 instances, but this metric is not natively available in Amazon CloudWatch.

Which of the following requires manual setup as a custom metric in CloudWatch?

A. CPU Utilization of an EC2 instance
B. Memory Utilization of an EC2 instance
C. Disk Reads activity of an EC2 instance
D. Network packets out of an EC2 instance


Correct Answer:

B. Memory Utilization of an EC2 instance

Explanation:

Amazon CloudWatch natively collects certain EC2 metrics without any additional configuration, but Memory Utilization is not collected by default. To monitor Memory Utilization, you need to:

  1. Install the CloudWatch agent on your EC2 instance.
  2. Configure the agent to collect memory usage metrics.
  3. Manually push the memory metrics to CloudWatch as custom metrics.

Why Not the Other Options?

A. CPU Utilization – This is automatically collected by CloudWatch as part of the EC2 basic monitoring (every 5 minutes) or detailed monitoring (every 1 minute).
C. Disk Reads activity – CloudWatch automatically collects Disk Reads and Writes as part of its default EC2 metrics.
D. Network packets out – CloudWatch natively collects network metrics, including network traffic in and out of an EC2 instance.

Since Memory Utilization is not included in CloudWatch by default, it requires manual setup as a custom metric.

