Written Lab – Network Design – ANS-C01 Study Guide

Written Lab

Written Lab 1.1: Create an HTTP API by Using the AWS Management Console

  1. Open the AWS web management console, and under the services search box, search for and select API Gateway.
  2. Under Choose API, type HTTP API and then select Build.
  3. Select Add Integration, and then either choose an AWS Lambda function (and the region it resides in) from the drop-down box, or enter a full HTTP endpoint URL with an ANY method.
  4. For Name, enter a name for your API; this is a marker name and only used for your reference.
  5. Click Review And Create.
  6. Click Create.
  7. Now your API is ready to invoke. You can test your API by entering its invoke URL in a browser or by using curl.
  8. Select and copy the URL from the details screen and paste it into your browser to test.

https://l030ogly41.execute-api.us-west-2.amazonaws.com (for example)

curl https://l030ogly41.execute-api.us-west-2.amazonaws.com (for example)

Note: Because there is no live web server behind the API, you will not see any data.

  • To complete the lab, delete the API Gateway instance that was created by selecting the gateway by name and, in the Actions drop-down box, selecting Delete.
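
The lab's create, test and delete steps as AWS CLI calls, ending with a check that the API is really gone from the account. This is an added example, not part of the study guide; it assumes AWS CLI v2 with credentials and a default region already configured, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: AWS CLI equivalent of Written Lab 1.1 (not from the study guide).
# Assumes AWS CLI v2 with credentials and a default region configured.
# For a Lambda target, the function must already allow API Gateway to invoke it.

# Quick-create an HTTP API: --target builds the integration, a catch-all
# route and an auto-deployed default stage in a single call.
# Prints "<ApiId> <ApiEndpoint>" (tab separated).
create_http_api() {   # $1 = API name, $2 = Lambda ARN or full HTTP endpoint URL
  aws apigatewayv2 create-api --name "$1" --protocol-type HTTP --target "$2" \
    --query '[ApiId, ApiEndpoint]' --output text
}

# Print only the HTTP status code returned by the invoke URL.
invoke_status() {     # $1 = invoke URL
  curl -s -o /dev/null -w '%{http_code}' --max-time 10 "$1"
}

# Delete the API, then confirm its ID no longer appears in the API list,
# so no lab endpoint is left reachable.
delete_and_verify() { # $1 = ApiId
  aws apigatewayv2 delete-api --api-id "$1" || return 1
  left=$(aws apigatewayv2 get-apis --query "Items[?ApiId=='$1'].ApiId" --output text)
  [ -z "$left" ]
}

run_lab() {           # $1 = API name, $2 = target
  out=$(create_http_api "$1" "$2") || return 1
  set -- $out         # split the text output into ApiId and ApiEndpoint
  api_id=$1; endpoint=$2
  status=$(invoke_status "$endpoint")
  echo "api_id=$api_id endpoint=$endpoint status=$status"
  if delete_and_verify "$api_id"; then
    echo "cleanup=ok"
  else
    echo "cleanup=FAILED"; return 1
  fi
}

# Usage: sh lab.sh <api-name> <lambda-arn-or-http-url>
if [ "$#" -ge 2 ]; then run_lab "$1" "$2"; fi
```
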

Review Questions

The following questions are designed to test your understanding of this chapter’s material. For more information on how to obtain additional questions, please see this book’s introduction.

  1. Content in the Brussels edge location needs to be updated as soon as possible because of an error in a product pricing update. What would be the best way to update the content?
    1. Manually set the TTL to zero
    1. Replace the file at the origin, and the edge will see that it’s newer and automatically update its local cache
    1. Call the invalidation API of the object
    1. Use the file management utilities in the CloudFront CLI to manually delete the file, which forces the edge to update from the origin
  2. The index.html file in the Asia CloudFront edge locations has become stale with the TTL reaching zero seconds. Where does the CloudFront edge in Singapore go to fetch an updated index.html file?
    1. The closest edge peer, which happens to be in Kuala Lumpur
    1. The origin data stored in the defined region’s availability zone
    1. The regional edge cache location
    1. Nowhere; the TTL of the file automatically resets
  3. Chuck is an AWS networking consultant hired to optimize response times for a company that needs to push a new version of its application to its global base. Because of locality variances in the code such as language support and embedded encryption types, he wants to minimize download times and make sure the correct updates are delivered. What is an approach Chuck could consider?
    1. Implement Global Accelerator to speed up network response times
    1. Use CloudFront with the geolocation feature enabled
    1. Store the updates in all AWS regions worldwide
    1. Use a multi-RW RDS instance with multiple read replicas
  4. Global Widgets customers need to download manuals from their Texas FTP server. The download requests originated from Asia-Pacific and Middle East customers, and users are complaining about slow download speeds. What can be done to optimize the download speeds to these remote locations?
    1. Use a CloudFront content distribution network to cache the FTP files at edge locations near the customers
    1. Place a network load balancer in the us-west-2 region to balance the FTP request across multiple servers that scale based on workload
    1. Use the AWS Global Accelerator service to transport traffic over the AWS global network and not the Internet
    1. Use API Gateway with the HTTP API type to increase response times
  5. Global Widgets has a requirement to have its global customers access its download servers in the Ohio region with low latency but has a security policy to limit the use of IP addresses allowed in its internal networks. What can be recommended to meet this security policy?
    1. Use their own public IP addresses on a Global Accelerator instance
    1. Use AWS-assigned Anycast addresses
    1. This cannot be done; use a CloudFront distribution instead
    1. Implement a Web Application Firewall with the BYOIP option enabled
  6. A customer has specific routing and endpoint connectivity requirements for its global customer base to support its disaster recovery policies. The delays from Australia and South Africa locations are highly noticeable, and users are complaining about long download times for large files. What can be recommended to allow for faster connection speeds to the remote sites and still have the endpoint mappings required?
    1. Implement a custom Global Accelerator instance
    1. Use the standard AWS Global Accelerator service
    1. Use API gateways in AWS regional availability zones closest to the remote users
    1. Deploy classic load balancers in Australia and South Africa
  7. You want to optimize what AWS charges and still meet the requirement of hosting multiple web domains on an AWS load balancer with a single listener. What feature set can you enable to meet this requirement and still be able to make secure Internet connections?
    1. Deploy SNI on the ALB listener
    1. Use URL mapping on the ALB
    1. Use a network load balancer with content switching based on HTTP header information
    1. Terminate the SSL/TLS connections using CloudFront