AWS Certified Solutions Architect - Professional 2022: Design for New Solutions Competency (Intermediate Level)

  • 28m
  • 28 questions
The Design for New Solutions Competency (Intermediate Level) benchmark measures your ability to recognize when and how to use various AWS cryptographic services and manage IAM users, groups, roles, and policies to secure access to AWS resources. You will be evaluated on your skills in deploying and managing AWS Directory Service solutions, using AWS Backup to ensure business continuity for backed-up data, and managing monthly AWS cloud computing charges. Learners who score high on this benchmark demonstrate that they have the skills to design a deployment strategy to meet business and reliability requirements and determine security controls based on requirements.

Topics covered

  • analyze AWS resource usage recommendations with AWS Compute Optimizer
  • configure an AWS backup plan
  • configure encryption key lifecycle settings
  • configure IAM roles
  • configure S3 bucket lifecycle rules
  • configure the AWS Simple AD directory service
  • create an AWS cost budget
  • create an Elastic Block Store (EBS) volume snapshot, recreate a volume from the snapshot, and copy it to an alternate region
  • create secondary read replicas of a MySQL database
  • deploy a private certificate authority (CA) to issue PKI certificates
  • enable Elastic Block Storage (EBS) volume encryption
  • enable multi-factor Authentication (MFA) for an IAM user account
  • enable S3 requests and transfers to be paid by the data requester
  • enable VPC network Traffic mirroring
  • execute an on-demand backup
  • execute a run command on EC2 instances
  • join an Elastic Compute Cloud (EC2) instance to an AWS directory service
  • recognize how AWS can use single sign-on (SSO), centralized federated authentication, and the AWS Security Token Service
  • reduce EC2 instance costs using Spot Instances
  • request a public certificate and use DNS validation
  • restore data from a MySQL snapshot
  • test the change review and approval process using the sample Hello World change management template
  • use a certificate to enable an application load balancer HTTPS listener
  • use AWS Systems Manager to view Operations Management Explorer and dashboard items
  • use PowerShell to manage IAM users
  • use PowerShell to tag AWS resources for cost tracking
  • use the console to create an AWS Key Management Service (KMS) key
  • use the GUI to manage IAM groups