Okay Cloud Academy ninjas, let's just take a moment to recap what we've covered in this domain so far and what we need to remember for our certification exam. So our region is a physical geographical location made up of groups of data centers and each region is designed to be independent and isolated from any other. Each region has two or more locations that are known as availability zones and availability zones are designed to be isolated and independent from failure of another availability zone within a region. Availability zones have low latency network conductivity to other availability zones within a region. So connectivity between AZs is lightning fast and provides or is provided my the AWS backbone. Whereas conductivity between regions will go over the public internet okay? So AZs enable customers to operate highly available, fault-tolerant, scalable systems, which wouldn't be possible if we were just running a single data center. So spreading services across availability zones is vital to high availability. Now spreading services across regions however is something that you need to do very, very carefully because it's going to come at a cost. Hybrid architectures are where an on premise infrastructure is extended to the AWS Cloud and common scenarios for that being disaster recovery, backup and restore, or perhaps multi-site environments. And if you're using services like AWS Storage Gateway, the VPN tunnel, or AWS Direct Connect to make that type of hybrid architecture possible, Direct Connect is a dedicated connection to AWS. It is the best and most reliable way to reduce connectivity issues in your design. We can use VPN in conjunction with a direct connect service just to add another layer of security and we might look to implement more than one Direct Connect connection to increase fault tolerance in our design. Now just keep in mind that direct connect is generally set up through a partner, so it can take a week or more to provision, so it doesn't suit all immediate or urgent use cases. Okay, a few things to remember about accountability and audtiing. Amazon CloudWatch provides system-wide visibility into resource utilization, operational health, and it even allows you to monitor your application performance and it can be used to monitor designs that are all in on the cloud, they can be hybrid, and you can even use CloudWatch to monitor your on-premise services by using an agent. Now, manage services make high availability and scalability possible right? Things like Amazon Simple Queue Service, which allows you to decouple applications and services from one another. For example, you have say a voting application that needed to scale quickly to meet the demands of a TV show or something similar, then Simple Queue Service could provide a way to decouple your application from your database backend, ensuring that all requests made through the client got processed eventually. Amazon DynamoDB is a fully managed NoSQL database service and Rout 53 enables domain name management, automatic fail over, and latency or geo-based routing for any inbound DNS requests, which is another great service when we're talking about high-availability and business continuity. And of course let's not forget the Amazon virtual private cloud, which provides that logical isolated section of the AWS cloud where we can provision our own highly available services. So, high availability is a big part of the exam and many questions you get relate back to high availability, fault tolerance, and scalability. As a general rule of thumb, if there's an AWS service listed as an option in a high availability question, it's generally going to be one of those options that's gonna be correct. Make sure you can stand up an EC2 instance from scratch in the VPC. So go through all the network access control lists, the security groups, configure a machine from scratch so you're aware of every screen that you see when you're in there.