Review Questions – Network Design – ANS-C01 Study Guide
Review Questions
- A website hosting custom content that is formatted differently based on the device their users are connecting with has a global footprint. They are upgrading their site that uses a CloudFront distribution network and desire to modify certain HTTP headers at the edge to provide custom content to Android and iOS phones. This requires a rewrite before the content is requested from the origin S3 buckets. What is a good method to use to meet this requirement?
- Send all requests to an EC2 instance in the region where the content is located to modify the headers before passing the request to the buckets
- Use API Gateway to transform the requests based on the type of device making the request
- Use Lambda@edge to preprocess the request based on device type
- Implement an application load balancer with policies to rewrite the headers before forwarding the request to the backend server pools
- Tip Of The Hat Enterprises is preparing for its annual Black Friday sales event and anticipates a heavy load on its front-end web servers with a high connection count and bursting connections. You have been brought on to the project to recommend a cloud-based networking solution that will not slow down during peak usage. What would you recommend to the design team to account for the additional traffic during the sales event?
- Convert all of your EC2 fleet to Lambda serverless with provisioned concurrency
- Add read replicas to your RDS backend database
- Deploy a network load balancer
- Use API Gateway as the application front end
- Your company is designing a new financial trading application that is browser based. You are exploring new protocols and architectures to maximize the application’s performance. From a networking perspective, what would you recommend for the standards-based front end to the application?
- Use Global Accelerator to reduce network latency from the customer to your trading data
- Deploy API Gateway using the WebSockets protocol
- Deploy an application load balancer with sticky connections to the backend container services
- Use CloudFront to distribute the content at edge locations closer to requesters
- Your e-commerce website is designed to host shopping carts on individual web servers instead of using a centralized database. There have been support cases where users have lost the contents of their shopping cart due to poor Internet connections that cause random drops and reconnects. This is causing your company lost revenue and low customer retention. What can be done at the network level to help resolve the issue? (Choose two.)
- Implement sticky sessions on the ELB
- Configure the target groups to re-establish user connections to the server hosting their shopping cart
- Enable session affinity on the load balancer
- Verify that health checking is enabled at the session level and to sync incoming connections to the original web server hosting the shopping cart
- You are investigating options to protect your CloudFront deployment from external attacks. Which two options would you investigate?
- CloudFront DDoS
- AWS Shield
- AWS Control Tower
- Web Application Firewall
- Your applications access API Gateway from inside your VPC. IAM is used to provide authentication support for API Gateway. How are the IAM requests passed from the requester to the gateway?
- User pools
- Sigv4
- Cognito
- AD connector
- What interface contains an IP address and port number combination that accepts incoming connections to the load balancer?
- Cognito
- Target group
- User pool
- Transfer accelerator
- Listener
- Which AWS load balancer listens across all ports in an IP flow and forwards the traffic you define in a listener rule to target groups without modifying the original packet?
- Classic load balancer
- Network load balancer
- Application load balancer
- Gateway load balancer
- You want to reduce the number of calls to the endpoints and improve the response times of AWS API Gateway. What single solution can you implement to achieve this?
- Use a gateway load balancer in front of API Gateway
- Gateway caching
- Use a CloudFront distribution
- Implement a network load balancer
- The gateway load balancer listens across all ports in an IP flow and forwards the traffic you define in a listener rule to target groups. Which protocol encapsulates frames in a special header for use in large multitenant cloud deployments such as AWS?
- VxLAN
- GENEVE protocol
- Proxy protocol
- WebSockets
- Which design requirements should be considered for connection to AWS CloudFront locations? (Choose two.)
- Geography
- Internet BGP policies
- Political constraints
- Encryption limitations
- Four servers in your PROD target group need to be taken offline for updates. However, you do not want to disrupt existing user connections by forcefully downing the servers. What options do you have to take these servers offline without dropping user sessions? (Choose two.)
- Set the deregistration delay
- Configure proxy connections
- Enable session affinity
- Enable configuration draining
- You are looking to integrate a token-based authentication method into your API gateway that will give you maximum flexibility to evaluate a request and return an IAM policy to the requester to grant access using a third-party service. What would be a good solution to implement?
- Enable Kerberos-based AD authentication
- Lambda authorizers
- IAM authorization
- Make an OAuth API call