Explore essential concepts and best practices for disaster recovery using EC2 instances and VPC configurations. This quiz helps you assess your understanding of key strategies to ensure resilience, availability, and security in cloud-based environments.
Which strategy best ensures data protection for an EC2 instance running critical applications?
Explanation: Regular automated snapshots capture data at scheduled intervals and allow recovery in case of data loss. Simply increasing storage size does not protect existing data. Blocking all inbound traffic could disrupt services and does not safeguard data. Rebooting an instance does not provide any data protection or backup capability.
Why is deploying EC2 instances across multiple availability zones important in disaster recovery?
Explanation: Distributing instances across multiple zones ensures service continuity even if one zone experiences an outage. While there may be additional data transfer costs, the main benefit is improved availability. Automatically updating software and easier monitoring are not direct effects of multi-zone deployment.
Which VPC feature can help create a secure and isolated disaster recovery environment?
Explanation: Subnets and network access control lists allow you to segment your network and restrict access as needed, which is vital for isolating disaster recovery deployments. Instance metadata and Elastic IP addresses do not inherently provide isolation or network security. Local instance storage is volatile and not intended for DR isolation.
What is the primary reason for replicating EC2 instances and databases to a secondary region?
Explanation: Replication to a secondary region allows rapid failover if the primary region goes down, helping maintain operations. While it may result in higher costs, cost is not the purpose. Firewall configuration is unrelated, and single-user performance is not significantly impacted by regional replication.
If an EC2 instance fails, what is an effective way to quickly restore operations using previous backups?
Explanation: Launching from a recent snapshot allows you to recover the application with minimal downtime. Extending stop times or adjusting CPU credits does not restore lost data or functionality. Disabling scheduled events does not return the system to a working state.
Which option minimizes downtime and data loss when syncing large volumes of data across regions for DR?
Explanation: Automated incremental backups only transfer changed data, optimizing speed and minimizing downtime or data loss. Manually copying files is slower and error-prone. Simply increasing bandwidth won’t help if the backup process isn’t frequent or incremental. Expanding storage in just one region does not enhance cross-region disaster recovery.
In a disaster recovery plan, why should VPC network configurations be mirrored in both primary and backup regions?
Explanation: Mirroring VPC setup allows systems to migrate or fail over without encountering network mismatches or connection problems. Storage costs are managed separately, and unlimited internet access is a security risk, not an objective. Restricting communication is possible but not the main purpose for mirroring the network setup.
What is a recommended best practice for ensuring disaster recovery procedures for EC2 and VPC are effective?
Explanation: Conducting regular drills ensures your response plans work as expected during a real outage. Disabling monitoring, assigning unnecessary public IPs, or removing subnets can actually increase risks by reducing oversight or breaking network segmentation.
Why is it important to restrict access permissions on backup EC2 instances and disaster recovery VPCs?
Explanation: Limiting permissions helps keep backup environments secure even under stress. Speeding up network performance or increasing storage is unrelated to security. Disallowing resizing does not directly help secure the environment in a disaster scenario.
How can properly configured DNS help in reducing downtime during EC2 disaster recovery?
Explanation: Configuring DNS lets you reroute traffic to standby resources, enabling faster recovery when you switch environments. Increasing static IP ranges does not directly aid recovery. Disabling routing or limiting outbound traffic may prevent users from accessing recovery resources.