This chapter covers the following official AWS Certified SysOps Administrator – Associate (SOA-C02) exam domains: Domain 2: Reliability and Business Continuity Domain 5: Networking and Content Delivery (For more information on the official AWS Certified SysOps Administrator – Associate [SOA-C02] exam topics, see the Introduction.) CramSaver If you can correctly answer these questions before going […]

Exam Readiness Drill – Chapter Review Questions Apart from a solid understanding of key concepts, being able to think quickly under time pressure is a skill that will help you ace your certification exam. That is why working on these skills early on in your learning journey is key. Chapter review questions are designed to […]

Using Route 53 Resolver Endpoints in Hybrid and AWS Architectures Resolvers in a VPC can be configured as either inbound, outbound, or both. Inbound allows queries from your internal DNS deployment to the DNS server in your VPC. Outbound enables VPC DNS queries to your on-premise DNS, and both enable queries in both directions. When […]

Unauthorized Activity in Your Account If you receive a notice from AWS support that there has been abuse in your account or if you suspect that there has been unauthorized activity in your account, the following steps can help you confirm that it was an actual unauthorized activity: What to Do if You Do Find […]

Cost Optimization Principles Cost optimization, for any and all workloads, is a continuous process of refinement and improvement. This section will discuss some key design principles that all solutions architects as well as cloud FinOps (which stands for financial operations) teams should keep in mind when optimizing costs for their workloads: Having explored the key […]

AWS Batch This is a managed batch-processing product. If you are using AWS Batch, then jobs can be run without end user interaction or can be scheduled to run: Note If you get a question in the exam on an event-style workload that requires flexible compute, a higher disk space, no time limit (more than […]

Multi-Region Route 53 Route 53 is a global AWS service and is not specific to any region. You can configure zone records that are hosted in any region or that are outside of the AWS cloud such as your own data center. Route 53 extensions allow Multi-Region failovers by enabling health checking. Multi-Region latency-based routing […]

Cram Quiz Answer these questions. The answers follow the last question. If you cannot answer these questions correctly, consider reading this section again until you can. 1. You have been instructed to eliminate any inefficiencies in the following deployment: Web tier: EC2 autoscaling group scaling on CPU usage, 30% floor, 70% ceiling, minimum 1, maximum 10. […]

Visibility Other services offered by AWS provide different visibility and insights into your accounts to help you understand where malicious activity or an incident could occur. Amazon Detective is a security service that helps simplify the investigative process for security teams by using machine learning and statistical analysis to show the interactions between users and […]

Summary You explored a number of key topics in this chapter—how to best organize and isolate your AWS resources, which billing strategy to implement, how to leverage AWS Organizations and OUs to structure your AWS environment, how to enforce security best practices and protect your AWS environment using SCPs, and finally, how to automate governance […]