Question #1
A company plans to host a movie streaming app in AWS. The chief information officer (CIO) wants to ensure that the application is highly available and scalable. The application is deployed to an Auto Scaling group of EC2 instances on multiple Availability Zones (AZs). A load balancer must be configured to distribute incoming requests evenly to all EC2 instances across multiple AZs.
Which of the following features should the Solutions Architect use to satisfy these criteria?
A. Cross-zone load balancing
B. Amazon VPC IP Address Manager (IPAM)
C. AWS Direct Connect SiteLink
D. Path-based Routing
Show answer
🎯 Correct Answer: A. Cross-zone load balancing
Cross-zone load balancing is a feature that allows a load balancer to distribute incoming requests evenly across all registered EC2 instances in multiple Availability Zones. This ensures high availability and better resource utilization, making it an ideal solution for the given scenario.
🔍 Explanation:
- ✅ Cross-zone load balancing allows each load balancer node to distribute traffic across all registered targets in all enabled Availability Zones, rather than just those within the same zone. This helps maintain even traffic distribution and prevents scenarios where instances in one AZ might be overloaded while others remain underutilized.
- Amazon VPC IP Address Manager (IPAM) is used for managing IP addresses within a VPC and is not relevant to load balancing.
- AWS Direct Connect SiteLink facilitates low-latency and private network connectivity between AWS regions but does not help with distributing traffic to EC2 instances.
- Path-based routing is a feature of Application Load Balancers (ALBs) that routes traffic based on URL paths (e.g.,
/videosvs./images), but it does not ensure even traffic distribution across AZs.
🔑 Key Takeaway:
To achieve high availability and even traffic distribution across multiple Availability Zones, Cross-zone load balancing should be enabled on the load balancer.
Question #2
A company has a web application hosted on a fleet of EC2 instances located in two Availability Zones that are all placed behind an Application Load Balancer. As a Solutions Architect, you have to add a health check configuration to ensure your application is highly available.
Which health checks will you implement?
A. HTTP or HTTPS health check
B. ICMP health check
C. FTP health check
D. TCP health check
Show answer
🎯 Correct Answer: A. HTTP or HTTPS health check
Health checks are essential for ensuring high availability by continuously monitoring the status of registered instances. Application Load Balancers (ALBs) use HTTP or HTTPS health checks to verify if an instance is responding correctly to requests.
🔍 Explanation:
- ✅ HTTP or HTTPS health check is the most appropriate option since ALBs operate at Layer 7 (Application Layer) and need to determine whether an instance can properly serve web traffic.
- ICMP health check is used for network-level availability tests but is not applicable to ALBs.
- FTP health check is used for file transfer services and is not relevant in this scenario.
- TCP health check is used for Layer 4 (Transport Layer) checks, typically for Network Load Balancers (NLBs), but it does not validate application-layer responses.
🔑 Key Takeaway:
For an Application Load Balancer, HTTP or HTTPS health checks are the best choice to ensure instances are capable of handling web traffic.
Question #3
A global e-commerce company wants to monitor and analyze all incoming HTTP requests handled by their internet-facing Application Load Balancer every five minutes. The collected data must include client IP addresses and network latency statistics to optimize performance and quickly identify issues in their containerized backend running on Amazon ECS Anywhere.
Which solution provides the most efficient method with minimal operational overhead?
A. Enable access logs on the Application Load Balancer and integrate Amazon ECS with Amazon CloudWatch Application Insights for traffic pattern analysis and troubleshooting.
B. Use Amazon EventBridge (CloudWatch Events) to capture client IP addresses and monitor traffic patterns with CloudWatch Container Insights.
C. Deploy the AWS X-Ray daemon on the ECS cluster and utilize Amazon CloudWatch ServiceLens for traffic monitoring.
D. Activate AWS CloudTrail for the ALB and use AWS CloudTrail Lake for traffic analysis and debugging.
Show answer
🎯 Correct Answer: A. Enable access logs on the Application Load Balancer and integrate Amazon ECS with Amazon CloudWatch Application Insights.
Enabling ALB access logs ensures detailed request tracking, including client IP addresses and network latency, without adding significant overhead.
🔍 Explanation:
- ✅ ALB access logs provide comprehensive HTTP request details and can be stored in Amazon S3 for further analysis.
- Amazon EventBridge and CloudWatch Events capture general traffic metrics but do not log individual HTTP requests in detail.
- AWS X-Ray with CloudWatch ServiceLens is useful for distributed tracing but adds complexity and is not optimized for traffic logging.
- AWS CloudTrail records API calls rather than individual HTTP request details, making it unsuitable for fine-grained traffic analysis.
🔑 Key Takeaway:
To efficiently collect HTTP request details with minimal operational overhead, enabling ALB access logs is the best approach.
Question #4
An engineer is designing a highly available architecture for a financial analytics app using an Elastic Load Balancer and an Auto Scaling group of EC2 instances across multiple Availability Zones. The system must support path-based and host-based routing, as well as bi-directional streaming via gRPC.
Which setup best meets these requirements?
A. Use an Application Load Balancer (ALB) with an Auto Scaling group, enabling gRPC and advanced routing.
B. Deploy a Network Load Balancer (NLB) with TCP listeners.
C. Combine AWS Global Accelerator with an NLB for better global performance.
D. Set up a Gateway Load Balancer (GLB) for gRPC traffic.
Show answer
🎯 Correct Answer: A. Use an Application Load Balancer (ALB) with an Auto Scaling group, enabling gRPC and advanced routing.
The Application Load Balancer (ALB) is best for handling path-based routing, host-based routing, and gRPC traffic.
🔍 Explanation:
- ✅ ALB supports path-based and host-based routing, essential for directing requests efficiently.
- ALB supports gRPC, allowing bi-directional streaming.
- NLB is designed for low-latency workloads but lacks advanced routing features.
- AWS Global Accelerator improves latency but does not provide routing.
- GLB is mainly for security appliances, not gRPC-based applications.
🔑 Key Takeaway:
For routing and gRPC support, ALB is the best choice.
Question #5
A restaurant chain hosts its online ordering system in AWS using an Auto Scaling group of EC2 instances across multiple Availability Zones with an Application Load Balancer. The system needs to route requests dynamically based on the device type – Android or iOS.
How can this be implemented?
A. Use path-based routing rules to direct requests with /api/android to one target group and /api/ios to another.
B. Replace ALB with a Gateway Load Balancer and define path-based rules for different target groups.
C. Use host-based rules to route traffic to different target groups based on the host header.
D. Replace ALB with an NLB and use host-based routing to distribute traffic.
Show answer
🎯 Correct Answer: A. Use path-based routing rules to direct requests with /api/android to one target group and /api/ios to another.
The Application Load Balancer (ALB) supports path-based routing, making it ideal for forwarding requests based on URL structure.
🔍 Explanation:
- ✅ Path-based routing in ALB enables directing requests to specific target groups based on URL patterns.
- Host-based routing is useful for different domains but not required for this scenario.
- Gateway Load Balancer is designed for security appliances, not traffic routing.
- Network Load Balancer does not support advanced routing like path-based rules.
🔑 Key Takeaway:
For device-specific request routing, ALB with path-based rules is the best solution.