How I passed my AWS associate-level certification exams

Home Community Forums Amazon Web Services Certifications AWS Certified Solutions Architect – Associate How I passed my AWS associate-level certification exams

This topic contains 0 replies, has 1 voice, and was last updated by Bilal Imtiaz Bilal Imtiaz 1 year, 3 months ago.

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #100034179
    Bilal Imtiaz
    Bilal Imtiaz
    Participant

    I thought I would share the information and resources that have served me well in the preparation process. I’ll start with a look at how each exam is structured, and I’ll dig into the resources that were most useful for me in getting exam ready.
    Certifications: Some general information

    AWS currently has three associate-level exams:
    • AWS Certified Solutions Architect – Associate
    • AWS Certified Developer – Associate
    • AWS Certified SysOps Administrator – Associate
    Each exam takes all AWS services into consideration, although the level of detail and focus varies from one exam to another. (We’ll look closely at the most important services for each exam later in this post.) Although the number of questions is different for each, the exams include around 60 multiple choice questions where you can choose one or more correct answers.
    You have 80 minutes to complete the exam. While no one knows the exact score necessary to pass it (it changes from session to session), you must get at least 70% correct to be safe. Once you submit your exam, you will know immediately whether you have passed or not and the percentage. Later, you will receive an email from AWS with a recap for each exam area and your overall percentage, although it doesn’t provide information at the question level, so you won’t know which questions you got wrong.
    To schedule and manage your exams, you will need to register at the AWS Training and Certification Portal where you will choose an exam date at an AWS or partner training center. Each exam costs $150, and once you have successfully registered, the system will give you a code that you will give to the test center on exam day.
    AWS Certified Solutions Architect – Associate
    The AWS Certified Solutions Architect – Associate exam is intended for individuals with experience designing distributed applications and systems on the AWS platform. Of the three associate-level exams, the certified solutions architect certification is the most generic, and most of the questions are scenario-based (understanding which services to use to solve different business use cases).
    The exam is divided into four sections:
    1. Designing highly available, cost efficient, fault tolerant, scalable systems (60%)
    2. Implementation/Deployment (10%)
    3. Data Security (20%)
    4. Troubleshooting (10%)
    Some questions require that you understand and are able to create simple AWS architecture. Most of the questions are related to the following areas:
    • EC2: Typology and when to use one type over another, costs, IAM roles, autoscaling, snapshots, and AMI
    • Identity and Access Management (IAM)
    • S3: Standard vs. infrequent access, Glacier, limits, security, encryption, dynamic hosting (endpoints names), lifecycle management, transfer acceleration, import export data (Snowball)
    • Virtual Private Cloud (VPC)
    • Security Groups and Access Control List: Differences between the two
    • DirectConnect
    • Elastic Load Balancer (ELB)
    • Simple Queue Service (SQS): Limits, characteristics (no order queue), message dimensions (message can contain up to 256KB of text, billed at 64KB chunks), design (two queues if you need priority), visibility timeout, maximum long polling timeout, messages retention, costs.
    • Simple Notification Service (SNS): Redundancy on availability zone (AZ); SNS can notify to email, text or SMS, SQS, or any HTTP endpoint; messages can be customized for each protocol (HTTP, HTTPS, EMAIL, JSON, SQS, or Application)
    • RDS: Configurations, multiple AZ, read replica
    • CloudWatch
    • Route53: Policies
    • Disaster Recovery: Recovery Time Objective, Recovery Point Objective
    Amazon Virtual Private Cloud
    The Amazon VPC is an essential topic for AWS Certified Solutions Architect – Associate certification and for AWS Certified SysOps Administrator – Associate certification. You will need to know this topic very well to pass both certifications.
    To really understand the Amazon Virtual Private Cloud, I highly recommend this Cloud Academy hands-on lab. If you are a beginner, the step-by-step instructions make it easy to follow along. This will give you a general idea of how AWS VPCs works and how to create your own VPC.
    Now that you have an understanding of VPC basics, I would suggest that you use your account and try to simulate a production environment. Before even attempting the exam, you should know all of the steps necessary for creating a VPC.
    Here is how I went about learning this important function. An AWS environment (Cloud Academy labs allow you to use a real AWS account) will allow you to simulate a production VPC with both public and private subnets.

    I started out by creating a VPC and two subnets, one public (10.0.2.0) and one private (10.0.1.0). I created two EC2 T2 instances and put one on the public subnet (to simulate the web server) and the other on the private subnet (to simulate the DB). I placed the DB on the private subnet so that it is unreachable from the external network.

    Then, I created an Internet Gateway and the routes that would allow the public instance to connect to the internet.

    Next, I assigned the target of my Internet Gateway to my public subnet.

    As you can see, we are able to ping google.com, so our connection is successful.

    Using your Amazon account, you can log into the AWS console where you will be able to train with security groups and access control lists (allow protocols from subnets) with the two subnets and instances. To do this, you can allow the ICMP protocol between the two subnets; from the public EC2 instance you can try to ping the other one.
    As you can see from the image below, without the correct rule I could not initially ping the instance in the private subnet from the one in the public subnet.

    After the All ICMP rule, with the source the id of my private subnet we are able to ping the private instance. You can use the same method to add an ssh rule to allow ssh connections in your private instance.

    If you can get to the point where you are confident with this simple infrastructure, you will be in good shape to pass the first section of the exam (Designing highly available, cost efficient, fault tolerant, scalable systems), which is the most important part of this certification.
    My last suggestion for preparation is to read and understand the AWS Security Best Practices Whitepaper. Here is the AWS link for this certification.
    AWS Certified Developer – Associate
    In this exam, you will find more theoretical questions and fewer scenarios. If I had to do it over again, I would start with this exam, as I found it to be the easiest of the associate-level certifications.
    The exam is divided into four sections:
    1. AWS Fundamentals (10%)
    2. Designing and Developing (40%)
    3. Deployment and Security (30%)
    4. Debugging (20%)
    These are the most important topics in this certification:
    • DynamoDB: Provisioned throughput calculations, read capacity units, write capacity units, key types, and usage, indexes, query vs. scan
    • SQS: Limits, characteristics (no order queue), message dimensions (message can contain up to 256KB of text, billed at 64KB chunks), design (two queues if you need priority), visibility timeout, maximum long polling timeout, message retention, costs
    • SNS: Redundancy on AZ; SNS can notify to email, text or SMS, SQS, or any HTTP endpoint; messages can be customized for each protocol (HTTP, HTTPS, EMAIL, JSON, SQS, or Application)
    • Simple Workflow (SWF): Workers, decider, task, processing time
    • CloudFormation
    • ElasticBeanstalk
    • S3: Standard vs. infrequent access, Glacier, limits, security, encryption, dynamic hosting (endpoints names), lifecycle management, transfer acceleration, import export data (Snowball)
    • Cross-Origin Resource Sharing(CORS)
    • EC2: Typology and when to use one type over another, costs, IAM roles, autoscaling, snapshots, AMI
    • API Gateway
    • Web identity federation
    • VPC: Basics
    Here is the AWS link for this certification.
    AWS Certified SysOps Administrator – Associate
    I found this to be the most difficult of the three exams. Because this exam covers many of the same topics in the other two associate-level exams, I would recommend taking this one only after you have successfully passed the other two exams.
    The exam is divided into seven sections:
    1. Monitoring and Metrics (15%)
    2. High Availability 15%
    3. Analysis (15%)
    4. Deployment and Provisioning (15%)
    5. Data Management (12%)
    6. Security (15%)
    7. Networking (13%)
    Because this exam covers all of the topics in both the solutions architect and developer exams, most of the questions are related to the union of these areas. In summary:
    • EC2: Typology and when to use one type over another, costs, IAM roles, autoscaling, snapshots, AMI
    • IAM
    • S3: Standard vs. infrequent access, Glacier, limits, security, encryption, dynamic hosting (endpoints names), lifecycle management, transfer acceleration, import export data (Snowball)
    • VPC
    • SG and ACL: Differences between the two
    • DirectConnect
    • ELB
    • SQS: Limits, characteristics (no order queue), message dimensions (message can contain up to 256KB of text, billed at 64KB chunks), design (two queues if you need priority), visibility timeout, maximum long polling timeout, message retention, costs.
    • SNS: Redundancy on AZ; SNS can notify to email, text or SMS, SQS or any HTTP endpoint; messages can be customized for each protocol (HTTP, HTTPS, EMAIL, JSON, SQS, or Application)
    • RDS: Configurations, multiple AZ, read replica
    • CloudWatch
    • Route53: Policies
    • Disaster Recovery
    • DynamoDB: Basics
    • SWF: Workers, decider, task, processing time
    • CloudFormation
    • ElasticBeanstalk
    • API Gateway

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

Translate »