Section 4: ELB and ASG Flashcards Preview

AWS Associate Developer Exam > Section 4: ELB and ASG > Flashcards

Flashcards in Section 4: ELB and ASG Deck (20)
Loading flashcards...
1
Q

Load Balancers provide a
A) static IPv4 we can use in our application
B) static DNS name we can use in our application
C) static IPv6 we can use in our application

A

B) static DNS name we can use in our application

The reason being that AWS wants your load balancer to be accessible using a static endpoint, even if the underlying infrastructure that AWS manages changes

2
Q

You are running a website with a load balancer and 10 EC2 instances. Your users are complaining about the fact that your website always asks them to re-authenticate when they switch pages. You are puzzled, because it’s working just fine on your machine and in the dev environment with 1 server. What could be the reason?
A) The application must have a bug
B) The Load Balance does not have stickiness enabled
C) The EC2 instances log out users because they don’t see their true IPs

A

B) The Load Balance does not have stickiness enabled

Stickiness ensures traffic is sent to the same backend instance for a client. This helps maintaining session data

3
Q

Your application is using an Application Load Balancer. It turns out your application only sees traffic coming from private IP which are in fact your load balancer’s. What should you do to find the true IP of the clients connected to your website?

A) Modify the front-end of the website so that the user send their IP in the request
B) Look into the X-Forwarded-For header in the backend
C) Look into the X-Forwarded-Proto header in the backend

A

B) Look into the X-Forwarded-For header in the backend

This header is created by your load balancer and passed on to your backend application

4
Q

You quickly created an ELB and it turns out your users are complaining about the fact that sometimes, the servers just don’t work. You realise that indeed, your servers do crash from time to time. How to protect your users from seeing these crashes?

A) Enable Stickiness
B) Enable Health Checks
C) Enable SSL Termination

A

B) Enable Health Checks

Health checks ensure your ELB won’t send traffic to unhealthy (crashed) instances

5
Q

You are designing a high performance application that will require millions of connections to be handled, as well as low latency. The best Load Balancer for this is

A) Application Load Balancer
B) Classic Load Balancer
C) Network Load Balancer

A

C) Network Load Balancer

NLB provide the highest performance if your application needs it

6
Q
Application Load Balancers handle all these protocols except
A) HTTP
B) HTTPS
C) Websocket
D) TCP
A

D) TCP

Use a NLB (Network Load Balancer) support TCP instead

7
Q
The application load balancer can route to different target groups based on all these excep
A) Hostname
B) Request Path
C) Geography
D) Source Ip
A

C) Geography

8
Q

You are running at desired capacity of 3 and the maximum capacity of 3. You have alarms set at 60% CPU to scale out your application. Your application is now running at 80% capacity. What will happen?
A) Nothing
B) The desired capacity will go up to 4 and the maximum will stay at 3
C) The desired capacity will go up to 4 and the maximum will stay at 4

A

A) Nothing

The capacity of your ASG cannot go over the maximum capacity you have allocated during scale out events

9
Q

I have an ASG and an ALB, and I setup my ASG to get health status of instances thanks to my ALB. One instance has just been reported unhealthy. What will happen?
A) The ASG will keep the instance running and re-start the application
B) The ASG will detach the EC2 instance from the group, and leave it running
C) The ASG will terminate the EC2 instance

A

C) The ASG will terminate the EC2 instance

Because the ASG has been configured to leverage the ALB health checks, unhealthy instances will be terminated

10
Q

Your boss wants to scale your ASG based on the number of requests per minute your application makes to your database.
A) You politelly tell him its impossible
B) You create a CloudWatch custom metric and build an alarm on this to scale your ASG
C) You enable detailed monitoring and use that to scale your ASG

A

B) You create a CloudWatch custom metric and build an alarm on this to scale your ASG

The metric “requests per minute” is not an AWS metric, hence it needs to be a custom metric

11
Q

Scaling an instance from an r4.large to an r4.4xlarge is called
A) Horizontal Scalability
B) Vertical Scalability

A

B) Vertical Scalability

12
Q

Running an application on an auto scaling group that scales the number of instances in and out is called
A) Horizontal Scalability
B) Vertical Scalability

A

A) Horizontal Scalability

13
Q

You would like to expose a fixed static IP to your end-users for compliance purposes, so they can write firewall rules that will be stable and approved by regulators. Which Load Balancer should you use?
A) Application Load Balancer with Elastic IP attached to it
B) Network Load Balancer
C) Classic Load Balancer

A

B) Network Load Balancer

Network Load Balancers expose a public static IP, whereas an Application or Classic Load Balancer exposes a static DNS (URL)

14
Q

A web application hosted in EC2 is managed by an ASG. You are exposing this application through an Application Load Balancer. The ALB is deployed on the VPC with the following CIDR: 192.168.0.0/18. How do you configure the EC2 instance security group to ensure only the ALB can access the port 80?
A) Open up the EC2 security group on port 80 to 0.0.0.0/0
B) Open up the EC2 security group on port 80 to 192.168.0.0/18
C) Open up the EC2 security group on port 80 to the ALB’s security group
D) Load an SSL client certificate on the ALB

A

C) Open up the EC2 security group on port 80 to the ALB’s security group

A web application hosted in EC2 is managed by an ASG. You are exposing this application through an Application Load Balancer. The ALB is deployed on the VPC with the following CIDR: 192.168.0.0/18. How do you configure the EC2 instance security group to ensure only the ALB can access the port 80?

15
Q
Your application load balancer is hosting 3 target groups with hostnames being users.example.com, api.external.example.com and checkout.example.com. You would like to expose HTTPS traffic for each of these hostnames. How do you configure your ALB SSL certificates to make this work?
A) Use SNI
B) Use a wildcard SSL certificate
C) Use an HTTP to HTTPS redirect rule
D) Use a security group SSL certificate
A

A) Use SNI

SNI (Server Name Indication) is a feature allowing you to expose multiple SSL certs if the client supports it. Read more here: https://aws.amazon.com/blogs/aws/new-application-load-balancer-sni/

16
Q

An ASG spawns across 2 availability zones. AZ-A has 3 EC2 instances and AZ-B has 4 EC2 instances. The ASG is about to go into a scale-in event. What will happen?
A) The AZ-A will terminate an instance randomly
B) The AZ-A will terminate the instance with the oldest launch configuration
C) The AZ-B will terminate the instance with the oldest launch configuration
D) The AZ-B will terminate an instance randomly
E) The AZ-A will create an EC2 instance

A

C) The AZ-B will terminate the instance with the oldest launch configuration

Make sure you remember the Default Termination Policy for ASG. It tries to balance across AZ first, and then delete based on the age of the launch configuration.

17
Q
The Application Load Balancers target groups can be all of these EXCEPT...
A) EC2 Instances
B) IP Addresses
C) Lambda Functions
D) Network Load Balancers
A

D) Network Load Balancers

18
Q
You are running an application in 3 AZ, with an Auto Scaling Group and a Classic Load Balancer. It seems that the traffic is not evenly distributed amongst all the backend EC2 instances, with some AZ being overloaded. Which feature should help distribute the traffic across all the available EC2 instances?
A) Stickiness
B) Cross Zone Load Balancing
C) Target Group Rrouting Rules
D) HTTPS termination
A

B) Cross Zone Load Balancing

19
Q
Your Application Load Balancer (ALB) currently is routing to two target groups, each of them is routed to based on hostname rules. You have been tasked with enabling HTTPS traffic for each hostname and have loaded the certificates onto the ALB. Which ALB feature will help it choose the right certificate for your clients?
A) TLS Termination
B) Server Name Indication (SNI)
C) SSL Security Polocies
D) Host Header
A

B) Server Name Indication (SNI)

Server Name Indication (SNI) is an extension to the TLS protocol that is supported by browsers and clients released after 2010. If you configure CloudFront to serve HTTPS requests using SNI, CloudFront associates your alternate domain name with an IP address for each edge location.

20
Q
An application is deployed with an Application Load Balancer and an Auto Scaling Group. Currently, the scaling of the Auto Scaling Group is done manually and you would like to define a scaling policy that will ensure the average number of connections to your EC2 instances is averaging at around 1000. Which scaling policy should you use?
A) Simple Scaling Policy
B) Step Scaling Poliy
C) Target Tracking
D) Scheduled Scaling
A

C) Target Tracking