Introduction:

This exam validates an examinee’s ability to:

  • Identify and gather requirements in order to define a solution to be built using architecture best practices.
  • Provide guidance on architectural best practices to developers and system administrators throughout the lifecycle of the project.

Different types of question format used to assess this knowledge-

  • Multiple-choice: Examinee selects one option that best answers the question or completes a statement. The option can be embedded in a graphic where the examinee “points and clicks” on their selection choice to complete the test item.
  • Multiple-response: Examinee selects more than one option that best answers the question or completes a statement.
  • Sample Directions: Examinee reads the statement or question and, from the response options, selects only the options that represent the most correct or best answers given the information.

The table below lists the domains measured by this examination and the extent to which they are represented.

aws_exam

Content Limits:

1 Domain 1.0: Designing highly available, cost-efficient, fault-tolerant, scalable systems

Identify and recognize cloud architecture considerations, such as fundamental components and effective designs.

Content may include the following:

  • How to design cloud services
  • Planning and design
  • Monitoring and logging
  • Familiarity with:
    • Best practices for AW S architecture
    • Developing to client specifications, including pricing/cost (e.g.,on Demand vs. Reserved vs. Spot; RTO and RPO DR Design)
    • Architectural trade-off decisions (e.g., high availability vs. cost, Amazon Relational Database Service (RDS) vs. installing your own database on Amazon Elastic Compute Cloud (EC2))
    • Hybrid IT architectures (e.g., Direct Connect, Storage Gateway, VPC, Directory Services)
    • Elasticity and scalability (e.g., Auto Scaling, SQS, ELB, CloudFront)
2 Domain 2.0: Implementation/Deployment

Identify the appropriate techniques and methods using Amazon EC2, Amazon S3, AWS Elastic Beanstalk, AWS CloudFormation, AWS OpsWorks, Amazon Virtual Private Cloud (VPC), and AWS Identity and Access Management (IAM) to code and implement a cloud solution.

Content may include the following:

  • Configure an Amazon Machine Image (AMI)
  • Operate and extend service management in a hybrid IT architecture
  • Configure services to support compliance requirements in the cloud
  • Launch instances across the AWS global infrastructure
  • Configure IAM policies and best practices
3 Domain 3.0: Data Security

3.1 Recognize and implement secure practices for optimum cloud deployment and maintenance.

Content may include the following:

  • AWS shared responsibility model
  • AWS platform compliance
  • AWS security attributes (customer workloads down to physical layer)
  • AWS administration and security services
  • AWS Identity and Access Management (IAM)
  • Amazon Virtual Private Cloud (VPC)
  • AWS CloudTrail
  • Ingress vs. egress filtering, and which AWS services and features fit
  • “Core” Amazon EC2 and S3 security feature sets
  • Incorporating common conventional security products (Firewall, VPN)
  • Design patterns
  • DoS mitigation
  • Encryption solutions (e.g., key services)
  • Complex access controls (building sophisticated security groups, ACLs, etc.)
  • Amazon CloudWatch for the security architect
  • Trusted Advisor
  • CloudWatch Logs

3.2 Recognize critical disaster recovery techniques and their implementation.

Content may include the following:

  • Disaster recovery
    • Recovery time objective
    • Recovery point objective
    • Amazon Elastic Block Store
  • AWS Import/Export
  • AWS Storage Gateway
  • Amazon Route53
  • Validation of data recovery method
4 Domain 4.0: Troubleshooting
Content may include the following:
• General troubleshooting information and questions

Refer to the AWS Solution Architect – Associate Exam Blue Print