Review Questions
The following questions are designed to test your understanding of this chapter’s material. For more information on how to obtain additional questions, please see this book’s introduction.
- Your company will be having flash sales on its popular e-commerce site that is hosted on AWS. Because of high connection rates to backend servers that deliver feature-rich content, it is anticipated that traffic will be sent in bursts with large increases in the connection counts in a short time window. Also, the pages delivered will have motion graphics and high-resolution images delivered to every user. You are part of the architecture team and are reviewing ELB options that would best be able to handle this workload. What would you recommend?
- Classic load balancer
- Network load balancer
- Application load balancer
- Gateway load balancer
- The network analytics application you are offering customers on the Amazon marketplace needs to sit in line with your client’s traffic flow but be transparent. The packets cannot be modified in any way, and the packets entering your VPC from the customer must be the same leaving on the egress flow. There is also a possibility that many of your clients will have overlapping CIDR addressing in the private address space. What AWS solution can you implement to meet this requirement?
- Classic load balancer
- Network load balancer
- Application load balancer
- Gateway load balancer
- The backend target servers for your load balanced application use machine learning and analytics processing based on locality. The connections are getting erroneous IP source information from the incoming packets, and you have been hired to resolve the issue. What would you recommend to resolve the issue?
- Implement geo-proximity in Route 53
- Enable the X-Forwarded-For protocol on the servers to read the actual source IP in the header
- Implement SSL/TLS passthrough so the ALB does not act as a proxy and change the source IP address
- Use cross-zone load balancers so the source IP address does not get modified in transit
- You have been asked to implement an intelligent load balancing solution that will support your company website hosted in the AWS us-west-2 region. There will be a mix of customer devices connecting including smartphones, tablets, and laptops. The web application sources HTML content in either rich or sparse pages based on the connected device type. What solution would be able to do header inspection to determine the device type and direct the traffic to the appropriate target group?
- Classic load balancer
- Network load balancer
- Application load balancer
- Gateway load balancer
- The development team is working on a new e-commerce website, and you have been asked to assist in the networking architecture. The application servers and SQL database replicas need to be able to scale independently of each other and to be able to be upgraded without affecting ongoing operations. What type of load balancer would you use for this design?
- External
- Internal
- Classic
- Gateway
- Network
- Your cybersecurity officer has asked you for recommendations to protect your website hosted on AWS using an application load balancer. He is concerned about SYN and denial-of-service attacks originating from the Internet that could affect your company’s service offerings. What would you recommend as a solution to protect the ALB listener port?
- Route 53
- CloudFront
- CloudWatch
- Web Application Firewall
- CloudTrail
- Your company is planning on expanding its web application services to its European customers. It hosts its server fleet in the Ohio region behind an application load balancer. The deployment team is concerned about network latency from Europe to the United States. What AWS service would reduce these network delays?
- Elastic Kubernetes Service
- Route 53
- CloudTrail
- Global Accelerator
- Gateway load balancer
- You are getting trouble tickets about your e-commerce shopping carts suddenly disappearing, and it is affecting revenue and customer satisfaction. The application team has been investigating each application server sitting behind the ALB and can verify that the shopping carts are still present on the server but not on a customer’s browser. What can be done to resolve this issue?
- Enable the GENEVE protocol
- Use a network load balancer
- Enable session affinity on the ALB
- Use cross-zone load balancing
- Your e-commerce website needs to be able to have multiple servers to support the high connection counts from Internet users. You have been tasked to recommend a load balancer design to front-end the servers from the Internet. What type of load balancer would you use for this design?
- External
- Internal
- Classic
- Gateway
- Network
- The application team needs to take down an application server in an ALB target group to install a critical patch. However, when you check CloudWatch, you notice that there are more than 350 sessions active on the server. Since you do not want to drop active sessions, what solution is offered by AWS to take this server offline without affecting these connections?
- Slow stop
- Disable health checking
- Deletion protection
- Connection draining
- What configuration architecture does not have any digital certificates locally installed on the load balancer that passes all encrypted traffic to the backend servers for them to perform the encryption and decryption functions?
- Offload
- GENEVE groups
- Deregistration
- SSL/TLS passthrough
- What feature can be enabled to prevent a load balancer from being taken permanently offline?
- Deletion protection
- Session affinity
- Deregistration
- Forward proxy protection
- Which protocol preserves the source IP address of the originating host?
- Session affinity
- Proxy protocol
- GENEVE protocol
- TLS
- What ELB feature is enabled to prevent a new target from being overwhelmed with connection requests when it is first brought online?
- Session affinity
- Slow start
- Offload
- Connection limiting
- What is used to determine that the backend servers are operational and able to accept connections from the ELB?
Kubernetes
Round-robin
Offload
Health checking
- What are two ways to secure the public listener on your application load balancer?
- CloudTrail
- CloudFront
- Web Application Firewall
- CloudWatch
- What target types does an application load balancer support? (Select three.)
- Instance ID
- IP address
- Kinesis
- Lambda
- Redshift ID
- Cognito ID
- Name two load distribution algorithms used by the AWS ELB family of load balancers.
- Latency
- Affinity
- Round-robin
- Least outstanding
- Which design is where the load balancer takes responsibility for the encrypting and decrypting of in-flight traffic instead of the backend web servers?
- Application load balancer
- SSL/TLS offload
- SSL passthrough
- Network load balancer
- Which ELB feature can dynamically add and remove backend processing capacity based on the current load?
- Autoscaling
- Autostandby
- Autoredundancy
- Target groups