Preparation for AWS Solutions Architect - Associate Certificate Examination 2020

Preparation for AWS Solutions Architect - Associate Certificate Examination 2020

Cayenne Teoh Wan Ching's photo
Cayenne Teoh Wan Ching
·

7 min read

I've just passed the examination and got a certificate for it. It was quite a shock because the questions are quite different from what I had done in the AWS Sample Question found in AWS official documentation and the 2 sets of practical questions in Udemy Course. However, I would like to share my 2 months of preparation for this exam. I've learnt a lot about AWS and have deeper understanding about how each service works and integrates with one another.

Note: All the sharing below are the summary of what I've learnt from the Udemy Course, AWS FAQ and self research.

Introduction

  • Duration: 130 minutes
  • Total amount of questions: 65
  • Passing score: 70%
  • Certificate validation period: 3 years
  • Focus on Compute, Storage, Database, Migration & Transfer, Networking & Delivery, Containers, Security & Identity and Application Integration

Topics to take note:

*Virtual Private Cloud (VPC)

  • Security Group
  • Network Access Control List (NACL)
  • Subnet
  • Route Table
  • Internet Gateway
  • Virtual Private Gateway
  • VPC Peering
  • VPC Endpoint (Interface Endpoint, Gateway Endpoint)

*Elastic Compute Cloud (EC2)

  • Instance type (F1, I3, G3, H1, M5, T3, P3)
  • Pricing models (On Demand, Reserved, Spot, Dedicated)
  • Volume (EBS, Instant Store)
  • AMI
  • Snapshot
  • Elastic IP
  • Hypervisor (Xen, Nitro)
  • Placement Groups

*Simple Storage Service (S3)

  • Storage tiers (Standard, IA, One-Zone IA, Intelligent, Glacier, Deep Glacier, RRS)
  • Versioning
  • Life Cycle
  • Encryption (SSE-S3, SSE-KMS, SSE-C, Client-side encryption)
  • Availability, Durability, Price
  • Transfer Acceleration
  • URL (Virtual hosted, Path style, Legacy global, Static hosting)

*Caching

  • CloudFront VS Global Accelerator
  • Edge Location
  • ElastiCache (Redis, Memcached)

*Load Balancer

  • Target Groups
  • Elastic Load Balancer (ELB), Network Load Balancer (NLB), Application Load Balancer (ALB)

*Storage Gateway

  • File Storage
  • Volume Storage (Cached mode, Storage mode)
  • Tape Storage

*Route53

  • Records (CNAME, A, Alias)
  • Routing Policy (Simple, Weighted, Latency, Failover, Geolocation, Geoproximity, Multivalue Answer)

*SQS

  • Type (Standard, FIFO)
  • Short Polling, Long Polling
  • RequestWaitTimeSeconds, WaitTimeSeconds, DelaySeconds, VisibilityTimeout

*Lambda

  • Pricing (Execution time, Memory usage)
  • Integration with Kinesis Firehose

*RDS

  • Aurora
  • SQL Server
  • Oracle
  • Backup
  • Replicas (Aurora Replica, RDS Replica)

*DynamoDB

  • Storage (SSD)
  • Headers (x-amz-target, x-amz-date, host)
  • Dynamo Accelerator
  • Parallel processing

*RedShift

  • Backup
  • Leader node, Compute nodes

*ActiveDirectory (AD)

  • Simple AD
  • Managed Microsoft AD
  • AD Connector
  • Single Sign-On (SSO)

*CloudFormation

  • Template attributes

*CloudWatch

  • Alarm, Events, Logs
  • Default Metrics (Network In, CPU usage, DiskReadOps, WriteOps)
  • Add-On Metrics (Memory Usage)

*FlowLogs

  • Levels (VPC, Subnet, Network Interface)
  • Backup (CloudWatch, S3)

*Web Application Firewall (WAF)

  • IP Blocking
  • Cross-site scripting
  • SQL Injection
  • Configuration (Size constraint condition, String match condition, IP match condition)

*Auto Scaling

  • Types (Cycle scaling, Event-based, Demand-based)
  • Termination Policy

*Network Adapter

  • Elastic Network Interface (ENI)
  • Enhanced Network (Elastic Network Adapter (ENA), Virtual Function (VF))
  • Elastic Fabric Adapter (EFA)

*IAM

  • Root account (Enable MFA)
  • Users
  • Roles
  • Permissions

*Other storage

  • EFS (for Linux, Mac)
  • FSX (for Windows)

*Scenario Questions

  • Connect on-premise data centre to AWS services
  • Connect VPC to AWS services without internet
  • Enable EC2 instance in private subnet to have internet connection
  • Enable SSH into EC2 instance which is in private subnet
  • How to increase application performance on client side (loading time)
  • How to encrypt a EBS volume
  • Auto-scaling + Load Balancers

*Figure-based Questions

  • S3 Read with Prefix (5.5k requests / second)
  • S3 Write with Prefix (3.3k requests / second)

  • S3 buckets (100 / account)

  • CloudFront Edge Location cache retention period (48 - 72 hours)

  • EC2 Spread Placement Groups (7 instances / zone)

  • EC2 instances amount (20 instances / region)

  • RDS, RedShift, DynamoDB backup retention period (35 days)

  • RDS Read Replicas amount (Max: 5)

  • RedShift Compute Nodes (Max: 128)

  • DynamoDB Key + Value limitation (< 400KB)

  • Route53 (50 domain names / account)

  • CloudWatch measurement (Default: 5 minutes, Detailed: 1 minute)

  • SQS VisibilityTimeout (Default: 30 seconds, Max: 12 hours)

  • SQS Message retention period (14 days)

  • SQS WaitTimeSeconds (Max: 20 seconds)

  • Kinesis Streams Data retention period (24 hours - 7 days)

  • VPC amount (5 VPC / account)

  • Subnet amount (200 subnets / VPC)
  • Secondary IP range amount (4 ranges / VPC)
  • Elastic IP amount (5 EIP / account)
  • Internet Gateway amount (1 IGW / VPC)

Preparation Suggestion

30 minutes before exam (Online Test)

  • Run the given System Test
  • Prepare an ORIGINAL and VALID identity document (Passport, Driving License, IC)
  • Clean your table and room
  • Make sure there is no unnecessary accessories on your body (cap, socks)

Lastly... Good luck! :)

AWS Certified Solutions Architect AssociateAWS