- (Topic 4)
A company is building a microservices-based application that will be deployed on Amazon Elastic Kubernetes Service (Amazon EKS). The microservices will interact with each other. The company wants to ensure that the application is observable to identify performance issues in the future.
Which solution will meet these requirements?

1. A. Configure the application to use Amazon ElastiCache to reduce the number of requeststhat are sent to the microservices.
2. B. Configure Amazon CloudWatch Container Insights to collect metrics from the EKS clusters Configure AWS X-Ray to trace the requests between the microservices.
3. C. Configure AWS CloudTrail to review the API call
4. D. Build an Amazon QuickSight dashboard to observe the microservice interactions.
5. E. Use AWS Trusted Advisor to understand the performance of the application.

Correct Answer: B
This solution meets the requirements because it enables the company to observe the performance and behavior of its microservices-based application on Amazon EKS. Amazon CloudWatch Container Insights is a feature that collects, aggregates, and summarizes metrics and logs from containerized applications and microservices. Container Insights integrates with Amazon EKS and Kubernetes to provide metrics at the cluster, node, pod, task, and service level. You can use Container Insights to monitor the CPU, memory, disk, and network utilization of your EKS clusters and identify bottlenecks, latency spikes, and other issues. AWS X-Ray is a service that collects data about requests that your application serves, and provides tools that you can use to view, filter, and gain insights into that data. X-Ray integrates with Amazon EKS and Kubernetes to trace the requests that your microservices make to downstream AWS resources, microservices, databases, and web APIs. You can use X-Ray to analyze the root cause of errors, faults, and performance issues, and visualize the service map of your application.
References:
✑ Using Container Insights
✑ AWS X-Ray

- (Topic 2)
An ecommerce company has an order-processing application that uses Amazon API Gateway and an AWS Lambda function. The application stores data in an Amazon Aurora PostgreSQL database. During a recent sales event, a sudden surge in customer orders occurred. Some customers experienced timeouts and the application did not process the orders of those customers A solutions architect determined that the CPU utilization and memory utilization were high on the database because of a large number of open connections The solutions architect needs to prevent the timeout errors while making the least possible changes to the application.
Which solution will meet these requirements?

1. A. Configure provisioned concurrency for the Lambda function Modify the database to be a global database in multiple AWS Regions
2. B. Use Amazon RDS Proxy to create a proxy for the database Modify the Lambda function to use the RDS Proxy endpoint instead of the database endpoint
3. C. Create a read replica for the database in a different AWS Region Use query string parameters in API Gateway to route traffic to the read replica
4. D. Migrate the data from Aurora PostgreSQL to Amazon DynamoDB by using AWS Database Migration Service (AWS DMS| Modify the Lambda function to use the OynamoDB table

Correct Answer: B
Many applications, including those built on modern serverless architectures, can have a large number of open connections to the database server and may open and close database connections at a high rate, exhausting database memory and compute resources. Amazon RDS Proxy allows applications to pool and share connections established with the database, improving database efficiency and application scalability. https://aws.amazon.com/id/rds/proxy/

- (Topic 3)
A transaction processing company has weekly scripted batch jobs that run on Amazon EC2 instances. The EC2 instances are in an Auto Scaling group. The number of transactions can vary but the beseline CPU utilization that is noted on each run is at least 60%. The company needs to provision the capacity 30 minutes before the jobs run.
Currently engineering complete this task by manually modifying the Auto Scaling group parameters. The company does not have the resources to analyze the required capacity trends for the Auto Scaling group counts. The company needs an automated way to modify the Auto Scaling group’s capacity.
Which solution will meet these requiements with the LEAST operational overhead?

1. A. Ceate a dynamic scalling policy for the Auto Scaling grou
2. B. Configure the policy to scale based on the CPU utilization metric to 60%.
3. C. Create a scheduled scaling polcy for the Auto Scaling grou
4. D. Set the appropriate desired capacity, minimum capacity, and maximum capacit
5. E. Set the recurrence to weekl
6. F. Set the start time to 30 minute
7. G. Before the batch jobs run.
8. H. Create a predictive scaling policy for the Auto Scaling grou
9. I. Configure the policy to scale based on forecas
10. J. Set the scaling metric to CPU utilizatio
11. K. Set the target value for the metric to 60%. In the Policy, set the instances to pre-launch 30 minutes before the jobs run.
12. L. Create an Amazon EventBridge event to invoke an AWS Lamda function when the CPU utilization metric value for the Auto Scaling group reaches 60%. Configure the Lambda function to increase the Auto Scaling group’s desired capacity and maximum capacity by 20%.

Correct Answer: C
This option is the most efficient because it uses a predictive scaling policy for the Auto Scaling group, which is a type of scaling policy that uses machine learning to predict capacity requirements based on historical data from CloudWatch1. It also configures the policy to scale based on forecast, which enables the Auto Scaling group to adjust its capacity in advance of traffic changes. It also sets the scaling metric to CPU utilization and the target value for the metric to 60%, which aligns with the baseline CPU utilization that is
noted on each run. It also sets the instances to pre-launch 30 minutes before the jobs run, which ensures that enough capacity is provisioned before the weekly scripted batch jobs start. This solution meets the requirement of provisioning the capacity 30 minutes before the jobs run with the least operational overhead. Option A is less efficient because it uses a dynamic scaling policy for the Auto Scaling group, which is a type of scaling policy that adjusts your Auto Scaling group’s capacity in response to changing demand2. However, this does not provide a way to provision the capacity 30 minutes before the jobs run, as it only reacts to changing traffic. Option B is less efficient because it uses a scheduled scaling policy for the Auto Scaling group, which is a type of scaling policy that lets you scale your Auto Scaling group based on a schedule that you create3. However, this does not provide a way to scale based on forecast or CPU utilization, as it only scales based on predefined metrics and policies. Option D is less efficient because it uses an Amazon EventBridge event to invoke an AWS Lambda function when the CPU utilization metric value for the Auto Scaling group reaches 60%, which is a way to trigger serverless functions based on events. However, this does not provide a way to provision the capacity 30 minutes before the jobs run, as it only reacts to changing traffic.

- (Topic 1)
A solutions architect must design a highly available infrastructure for a website. The website is powered by Windows web servers that run on Amazon EC2 instances. The solutions architect must implement a solution that can mitigate a large-scale DDoS attack that originates from thousands of IP addresses. Downtime is not acceptable for the website.
Which actions should the solutions architect take to protect the website from such an attack? (Select TWO.)

1. A. Use AWS Shield Advanced to stop the DDoS attack.
2. B. Configure Amazon GuardDuty to automatically block the attackers.
3. C. Configure the website to use Amazon CloudFront for both static and dynamic content.
4. D. Use an AWS Lambda function to automatically add attacker IP addresses to VPC network ACLs.
5. E. Use EC2 Spot Instances in an Auto Scaling group with a target tracking scaling policy that is set to 80% CPU utilization

Correct Answer: AC
(https://aws.amazon.com/cloudfront

- (Topic 4)
A company needs to minimize the cost of its 1 Gbps AWS Direct Connect connection. The company's average connection utilization is less than 10%. A solutions architect must recommend a solution that will reduce the cost without compromising security.
Which solution will meet these requirements?

1. A. Set up a new 1 Gbps Direct Connect connectio
2. B. Share the connection with another AWS account.
3. C. Set up a new 200 Mbps Direct Connect connection in the AWS Management Console.
4. D. Contact an AWS Direct Connect Partner to order a 1 Gbps connectio
5. E. Share the connection with another AWS account.
6. F. Contact an AWS Direct Connect Partner to order a 200 Mbps hosted connection for an existing AWS account.

Correct Answer: D
company need to setup a cheaper connection (200 M) but B is incorrect because you can only order port speeds of 1, 10, or 100 Gbps for more flexibility you can go with hosted connection, You can order port speeds between 50 Mbps and 10 Gbps. https://docs.aws.amazon.com/whitepapers/latest/aws-vpc-connectivity-options/aws-direct- connect.html