# Content Domain 2: Design for New Solutions
**Topics**
+ [Task 2.1: Design a deployment strategy to meet business requirements](#solutions-architect-professional-02-domain2-task1)
+ [Task 2.2: Design a solution to ensure business continuity](#solutions-architect-professional-02-domain2-task2)
+ [Task 2.3: Determine security controls based on requirements](#solutions-architect-professional-02-domain2-task3)
+ [Task 2.4: Design a strategy to meet reliability requirements](#solutions-architect-professional-02-domain2-task4)
+ [Task 2.5: Design a solution to meet performance objectives](#solutions-architect-professional-02-domain2-task5)
+ [Task 2.6: Determine a cost optimization strategy to meet solution goals and objectives](#solutions-architect-professional-02-domain2-task6)
## Task 2.1: Design a deployment strategy to meet business requirements
Knowledge of:
+ Infrastructure as code (IaC) (for example, AWS CloudFormation)
+ Continuous integration and continuous delivery (CI/CD)
+ Change management processes
+ Configuration management tools (for example, AWS Systems Manager)
Skills in:
+ Determining an application or upgrade path for new services and features
+ Selecting services to develop deployment strategies and implement appropriate rollback mechanisms
+ Adopting managed services as needed to reduce infrastructure provisioning and patching overhead
+ Making advanced technologies accessible by delegating complex development and deployment tasks to AWS
## Task 2.2: Design a solution to ensure business continuity
Knowledge of:
+ AWS Global Infrastructure
+ AWS networking concepts (for example, Amazon Route 53, routing methods)
+ RTOs and RPOs
+ Disaster recovery scenarios (for example, backup and restore, pilot light, warm standby, multi-site)
+ Disaster recovery solutions on AWS
Skills in:
+ Configuring disaster recovery solutions
+ Configuring data and database replication
+ Performing disaster recovery testing
+ Architecting a backup solution that is automated, is cost-effective, and supports business continuity across multiple Availability Zones or AWS Regions
+ Designing an architecture that provides application and infrastructure availability in the event of a disruption
+ Using processes and components for centralized monitoring to proactively recover from system failures
## Task 2.3: Determine security controls based on requirements
Knowledge of:
+ IAM
+ Route tables, security groups, and network ACLs
+ Encryption options for data at rest and data in transit
+ AWS service endpoints
+ Credential management services
+ AWS managed security services (for example, AWS Shield, AWS WAF, Amazon GuardDuty, AWS Security Hub)
Skills in:
+ Specifying IAM users and IAM roles that adhere to the principle of least privilege access
+ Specifying inbound and outbound network flows by using security group rules and network ACL rules
+ Developing attack mitigation strategies for large-scale web applications
+ Developing encryption strategies for data at rest and data in transit
+ Specifying service endpoints for service integrations
+ Developing strategies for patch management to remain compliant with organizational standards
## Task 2.4: Design a strategy to meet reliability requirements
Knowledge of:
+ AWS Global Infrastructure
+ AWS storage services and replication strategies (for example Amazon S3, Amazon RDS, Amazon ElastiCache)
+ Multi-AZ and multi-Region architectures
+ Auto scaling policies and events
+ Application integration (for example, Amazon SNS, Amazon SQS, AWS Step Functions)
+ Service quotas and limits
Skills in:
+ Designing highly available application environments based on business requirements
+ Using advanced techniques to design for failure and ensure seamless system recoverability
+ Implementing loosely coupled dependencies
+ Operating and maintaining high-availability architectures (for example, application failovers, database failovers)
+ Using AWS managed services for high availability
+ Implementing DNS routing policies (for example, Route 53 latency-based routing, geolocation routing, simple routing)
## Task 2.5: Design a solution to meet performance objectives
Knowledge of:
+ Performance monitoring technologies
+ Storage options on AWS
+ Instance families and use cases
+ Purpose-built databases
Skills in:
+ Designing large-scale application architectures for a variety of access patterns
+ Designing an elastic architecture based on business objectives
+ Applying design patterns to meet performance objectives with caching, buffering, and replicas
+ Developing a process methodology for selecting purpose-built services for required tasks
+ Designing a rightsizing strategy
## Task 2.6: Determine a cost optimization strategy to meet solution goals and objectives
Knowledge of:
+ AWS cost and usage monitoring tools (for example, AWS Cost Explorer, AWS Trusted Advisor, AWS Pricing Calculator)
+ Pricing models (for example, Reserved Instances, AWS Savings Plans)
+ Storage tiering
+ Data transfer costs
+ AWS managed service offerings
Skills in:
+ Identifying opportunities to select and rightsize infrastructure for cost-effective resources
+ Identifying appropriate pricing models
+ Performing data transfer modeling and selecting services to reduce data transfer costs
+ Developing a strategy and implementing controls for expenditure and usage awareness