Question 338 of 375 from exam CLF-C01: AWS Certified Cloud Practitioner

Question 338 of 375 from exam CLF-C01: AWS Certified Cloud Practitioner

Question

Which of the following indicates a Single Point Of Failure (SPOF) in an AWS Cloud Architecture design? Refer to the figure below.

Internet Gateway

‘1b Availability Zone

EO2 Instance

public-subnet-2
NAT Gateway
EO2 Instance

Database Slave (Read Only)

US-east-

‘Application Load
Balancer
Frontend

Auto Scaling Group
Backend
‘Auto Scaling Group

Internal Load Balancer

EO2 Instance:
Aa Availability Zone

EO2 Instance

public-subnet-1
Database Master

[Bastion-Security-Group|
Bastion Host

uS-east-

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Answer: B.

Option A is incorrect.

For an Application Load Balancer, you need to specify at least two subnets each in a different AZ.

This ensures that the load balancer will redirect load to a different AZ if one of them goes down ensuring HA and redundancy.

Application Load balancer performs Health Checks on its registered targets and will route requests only to Healthy Targets.

Even though the ALB is depicted as a single resource in the figure, multiple ALB instances are created for each AZ behind the scenes.

It ensures that the ALB is not a SPOF.Option B is CORRECT.

We can see in the figure that the Bastion Host has been deployed on only one of the AZ's causing a SPOF.

For redundancy, the Bastion Host needs to be created in Multiple AZ's where a failure in a single AZ will not impact access to Server instances in Private subnets through the Bastion Hosts.

Option C is incorrect.

We can see EC2 instances being deployed on Private Subnets in multiple AZ's, ensuring redundancy & avoiding SPOF.Option D is incorrect.

NAT Gateway offers redundancy within a single AZ.

Hence it is not a SPOF within the AZ.

References:

https://packetswitch.co.uk/aws-nat-gateway-high-availability/#:~:text=NAT%20Gateway%20HA%20scenario,Availability%20Zones%20lose%20Internet%20access. https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html https://jayendrapatil.com/aws-bastion-host/ https://stackoverflow.com/questions/46698011/are-amazon-elastic-load-balancer-elb-failure-proof