AWS Academy Cloud Architecting: Module 2 – Introducing Cloud Architecting Knowledge Check

Hello, fellow cloud enthusiasts! If you’re preparing for the AWS Certified Solutions Architect – Associate exam or deepening your AWS knowledge, the AWS Academy Cloud Architecting course is a fantastic resource. Module 2, Introducing Cloud Architecting, introduces core concepts: what cloud architecture really means, the AWS Well-Architected Framework (now with six pillars, including the newer Sustainability pillar), and foundational AWS best practices for building resilient, performant, and secure solutions.

In this updated blog post (based on the latest course version and popular walkthroughs like this YouTube video), I’ll cover the Module 2 Knowledge Check questions. For each:

• I’ll list the full question with all options,
• Reveal the correct answer(s),
• Provide a very detailed explanation of why it’s correct (and why others are wrong where relevant).

This format helps you understand not just the answer, but the reasoning—perfect for exam prep!

Question 1: What is the best definition of cloud architecture?

Options:

• A. Combining frontend and backend software and components to create highly available and scalable web services that meet the needs of an organization.
• B. Applying cloud characteristics to a solution that uses cloud services and features to meet technical and business requirements.
• C. Designing applications in cloud-based, shared IT infrastructure by using virtual machines and fault-tolerant data stores in the cloud.
• D. Relocating traditional on-premises data centers to internet-accessible data centers that a vendor manages.

Correct Answer: B

Very Detailed Explanation:
Option B is correct because true cloud architecture goes beyond just building scalable apps (A) or lifting-and-shifting on-premises setups (D). It intentionally leverages unique cloud characteristics like elasticity, global reach, managed services, and pay-as-you-go pricing to fully address both technical requirements (e.g., auto-scaling, fault tolerance) and business goals (e.g., faster time-to-market, cost control). Option A describes general good architecture but misses the cloud-specific angle. Option C focuses too narrowly on VMs and storage without broader cloud features. Option D is essentially “cloud migration” without architectural transformation. AWS emphasizes “cloud-native” design that exploits the cloud’s advantages over traditional infrastructure.

Question 2: The AWS Well-Architected Framework has six pillars. Three of the pillars are Security, Operational Excellence, and Sustainability. What are the other pillars of the Well-Architected Framework? (Select THREE)

Options: (Typically listed as the six, but select the missing three)

• Reliability
• Performance Efficiency
• Cost Optimization
• (Others may include distractors like Governance or Privacy in some sets)

Correct Answers: Reliability, Performance Efficiency, Cost Optimization

Very Detailed Explanation:
The six pillars are: Security, Reliability, Performance Efficiency, Cost Optimization, Operational Excellence, and Sustainability (added to emphasize environmental impact). Reliability ensures the system can recover from failures and meet demand (e.g., via Multi-AZ deployments). Performance Efficiency means selecting the right resource types/sizes and monitoring efficiency (e.g., using compute optimizers). Cost Optimization focuses on avoiding unnecessary costs (e.g., right-sizing, Reserved Instances). These guide reviews of workloads via the Well-Architected Tool, helping identify risks and improvements. The given pillars are excluded, so the remaining three are the answer.

Question 3: Which actions are consistent with the Operational Excellence pillar of the AWS Well-Architected Framework? (Select TWO)

Options:

• A. Review and improve processes and procedures on a continuous cycle.
• B. Evaluate organizational structures and roles to identify skill gaps.
• C. Apply software engineering principles and methodology to infrastructure as code.
• D. Plan and manage the full lifecycle of hardware assets.
• E. Ensure operations personnel document changes to the infrastructure.

Correct Answers: A and C

Very Detailed Explanation:
Operational Excellence is about running systems efficiently, automating operations, and continuously improving. A aligns perfectly with the principle of frequent, small, reversible changes and regular process evolution (e.g., via retrospectives). C embodies “operations as code”—using IaC tools like CloudFormation to version, test, and deploy infrastructure like application code, enabling automation and consistency. B relates more to organizational readiness (not a core principle here). D is on-premises thinking—AWS manages hardware. E is basic but not a key pillar focus; automation reduces manual documentation needs.

Question 4: An application requires a frontend web tier of multiple servers that communicate with a backend application tier of multiple servers. Which design most closely follows AWS best practices?

Options:

• A. Assign a dedicated application server and a dedicated connection to each web server.
• B. Create multiple instances that each combine a web frontend and application backend in the same instance.
• C. Design the web tier to communicate with the application tier through the Elastic Load Balancing service.
• D. Create a full mesh network between the web and application tiers, so that each web server can communicate directly with every application server.

Correct Answer: C

Very Detailed Explanation:
AWS favors loosely coupled (decoupled) architectures for scalability and fault isolation. C uses Elastic Load Balancing (ALB/NLB) to distribute traffic, hide backend changes, and enable auto-scaling without tight coupling. ALB is highly available (multi-AZ) and managed, eliminating single-point-of-failure concerns. A creates tight coupling and management overhead. B is monolithic (harder to scale independently). D leads to complexity and N² connections as tiers grow. Decoupling via load balancers is a core Reliability and Performance Efficiency best practice.

Question 5: A solutions architect is developing a process for handling server failures. Which process most closely follows Amazon Web Services (AWS) best practices?

Options:

• A. Operations detects a system failure. They notify the system administrator, who provisions a new server by using the AWS Management Console.
• B. Amazon CloudWatch detects a system failure. It notifies the system administrator, who provisions a new server by using the AWS Management Console.
• C. Operations detects a system failure. They trigger automation to provision a new server.
• D. Amazon CloudWatch detects a system failure. It triggers automation to provision a new server.

Correct Answer: D

Very Detailed Explanation:
AWS prioritizes automation over manual processes for speed and reliability (Reliability pillar: “stop guessing capacity, automate recovery”). D uses CloudWatch alarms to trigger Auto Scaling or Lambda for self-healing—replacing failed instances automatically with zero human intervention. A/B involve manual steps (slow, error-prone). C automates but relies on manual detection. Full automation with monitoring is the gold standard for resilient, “no-ops” architectures.

Question 6: A company wants to change some functionality of their website. They are unsure of what will happen if they make the change. Which approach most closely follows AWS best practices?

Options:

• A. Change the production site while it is online. Use backups to undo the change.
• B. Change the production site during offline maintenance hours. Use backups to undo the change.
• C. Provision a new server and make changes to it. Use DNS to gradually migrate users to the new server. Shut down the original server after all the users migrate.
• D. Test the change on an existing development server. Change the production site during offline maintenance hours. Use backups to undo the change.

Correct Answer: C

Very Detailed Explanation:
This is a blue/green or canary deployment via Route 53 weighted routing—leveraging cloud elasticity for low-risk changes. C runs old/new versions in parallel, shifts traffic gradually, monitors, and rolls back instantly by redirecting DNS. No downtime, fast undo. A risks live issues. B/D require downtime windows (not agile). Backups are slow for rollback. This supports experimentation and Operational Excellence.

Question 7: A company stores read-only data in Amazon S3. Most users are in the same country as the company headquarters. Some users are located around the world. Which design decision most closely follows AWS best practices?

Options:

• A. Use a bucket in the AWS Region closest to the company headquarters.
• B. Use a bucket in the AWS Region that has the lowest average latency for all users.
• C. Replicate objects across buckets in AWS Regions around the world. Users access the bucket in the AWS Region closest to them.
• D. Use a bucket in the AWS Region closest to the company headquarters. All users access the data through Amazon CloudFront.

Correct Answer: D

Very Detailed Explanation:
D combines single-source simplicity with global low-latency via CloudFront CDN caching at edge locations (free S3-to-CloudFront transfers). Caching static content is a Performance Efficiency best practice. A ignores global users’ latency. B might not exist or balance poorly. C adds complexity/cost (Cross-Region Replication fees, multi-bucket management) without caching benefits.

Question 8: A consultant must access a large object in an S3 bucket. They need a day to access the file. Which method for granting access most closely follows AWS best practices?

Options:

• A. Create a presigned URL to the object that expires in 24 hours and give it to the consultant.
• B. Enable public access on the S3 bucket. Give the object URL to the consultant.
• C. Copy the object to a new S3 bucket. Enable public access on the new bucket. From the new bucket, get the object URL, and give it to the consultant.
• D. Create a user account for the consultant. Grant the user account permissions to access the S3 bucket through the AWS Management Console.

Correct Answer: A

Very Detailed Explanation:
Presigned URLs provide temporary, least-privilege access (Security pillar) without permanent credentials or public exposure. Expires automatically—no revocation needed. B/C violate security by making data public. D creates long-term IAM users (management overhead, over-privileged). Presigned URLs are ideal for short-term external access.

Question 9: What are two main considerations that influence which AWS Regions to use? (Select TWO)

Options:

• A. Security and access control.
• B. Latency reduction for end users.
• C. Protection against localized natural disasters.
• D. Application resiliency during system failures.
• E. Compliance with laws and regulations.

Correct Answers: B and E

Very Detailed Explanation:
Regions are geographic—choose for proximity (lower latency) and data residency/compliance (e.g., GDPR requires EU Regions). A is managed via IAM/VPCs, not Region-specific. C/D are Availability Zone concerns (within a Region for isolation).

Question 10: What are the main considerations that influence which Availability Zones to use? (Select TWO)

Options:

• A. Security and access control.
• B. Latency reduction for end users.
• C. Protection against localized natural disasters.
• D. Application resiliency during system failures.
• E. Compliance with laws and regulations.

Correct Answers: C and D

Very Detailed Explanation:
AZs are isolated data centers in a Region—spread resources across them for independent failure domains (protects from floods/power outages) and high availability/resiliency (e.g., ELB Multi-AZ). Latency between AZs is low (<2ms). A/E are Region-level. B is Region-level for global users.

Final Thoughts

Module 2 builds the mindset for effective cloud design. These questions reinforce thinking in terms of Well-Architected principles and cloud-native patterns.

Practice these, review the Framework whitepapers, and watch walkthrough videos for visuals. Comment below if you want Module 3 (Securing Access) or others next!

Happy architecting! ☁️

Er. Bikash Subedi
January 17, 2026