Exam ANS-C00 topic 1 question 370 discussion

Exam question from Amazon's ANS-C00
Question #: 370
Topic #: 1

A company has a hybrid architecture with dual AWS Direct Connect connections and applications running in the AWS Cloud and on premises. The company uses its on-premises DNS servers to provide name resolution for its internal domain company.com. The company uses an Amazon Route 53 private hosted zone, aws.company.com, for resolution of AWS resource records.
A new application that runs on Amazon EC2 in the company's VPC needs to resolve records in the company.com domain and on other AWS resources.
What should the company do to meet these requirements?

  • A. Create a new DHCP options set. Configure the DHCP options set name servers to be the on-premises DNS servers, and configure the domain name to be company.com. Assign the DHCP options set to the VPC with the EC2 instances.
  • B. Create Route 53 Resolver outbound endpoints in each subnet in the VPC. Configure a Route 53 forwarding rule with a rule type of Forward for company.com that points to the on-premises DNS servers. Configure a Route 53 forwarding rule with a rule type of System for aws.company.com.
  • C. Create Route 53 Resolver outbound endpoints in each subnet in the VPC. Configure conditional forwarding rules on the on-premises DNS servers to forward queries for the domain aws.company.com to the Route 53 Resolver endpoints. Modify the DHCP options set to configure instances to resolve hostnames using the on-premises DNS servers.
  • D. Create a private hosted zone for company.com within the AWS account. Create Route 53 Resolver inbound endpoints in each subnet in the VPC. Configure the on-premises DNS servers to send outbound zone transfers for company.com to the Route 53 Resolver endpoints.
Suggested Answer: B

Comments

shammous
Highly Voted 3 years, 5 months ago
Selected Answer: B
"System rules – System rules cause Resolver to selectively override the behavior that is defined in a forwarding rule. When you create a system rule, Resolver resolves DNS queries for specified subdomains that would otherwise be resolved by DNS resolvers on your network. By default, forwarding rules apply to a domain name and all its subdomains. If you want to forward queries for a domain to a resolver on your network but you don't want to forward queries for some subdomains, you create a system rule for the subdomains. For example, if you create a forwarding rule for example.com but you don't want to forward queries for acme.example.com, you create a system rule and specify acme.example.com for the domain name." Ref: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resolver.html
upvoted 8 times
sapien45
3 years, 3 months ago
smart. I wish I knew about that trick on my latest project
upvoted 1 times
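
A simplified model of the rule selection described in the documentation quoted above, as an added example that is not part of the thread and is not AWS code: Resolver applies the rule with the most specific matching domain name, so the System rule for aws.company.com overrides the Forward rule for company.com. The target IPs and all function names are constructed for illustration.

```python
# Simplified model of Route 53 Resolver rule selection (illustrative, not AWS code).
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    domain: str          # domain the rule applies to, e.g. "company.com"
    rule_type: str       # "FORWARD" or "SYSTEM"
    targets: tuple = ()  # on-premises DNS IPs (FORWARD rules only)

ON_PREM_DNS = ("10.0.0.10", "10.0.0.11")  # constructed sample addresses

# Option B: forward company.com on premises, keep aws.company.com in Resolver.
RULES = [
    Rule("company.com", "FORWARD", ON_PREM_DNS),
    Rule("aws.company.com", "SYSTEM"),
]

def _labels(name):
    # Case-insensitive, tolerate a trailing root dot.
    return [l for l in name.lower().rstrip(".").split(".") if l]

def _covers(rule_domain, qname):
    """True if qname equals rule_domain or is a subdomain of it.
    Compares whole labels, so notcompany.com does not match company.com."""
    r, q = _labels(rule_domain), _labels(qname)
    return len(q) >= len(r) and q[len(q) - len(r):] == r

def select_rule(qname, rules=RULES):
    """Return the matching rule with the most specific domain, or None."""
    matches = [r for r in rules if _covers(r.domain, qname)]
    return max(matches, key=lambda r: len(_labels(r.domain)), default=None)

def resolve_path(qname, rules=RULES):
    """Describe where a query issued inside the VPC is answered."""
    rule = select_rule(qname, rules)
    if rule is None or rule.rule_type == "SYSTEM":
        # Resolver answers itself: private hosted zones, VPC DNS, public DNS.
        return "resolver"
    # FORWARD: sent through the outbound endpoint to the on-premises servers.
    return "forward:" + ",".join(rule.targets)

if __name__ == "__main__":
    for name in ("db.aws.company.com", "intranet.company.com", "example.org"):
        print(name, "->", resolve_path(name))
    # Without the System rule, the private hosted zone is never consulted:
    print("no system rule ->", resolve_path("db.aws.company.com", RULES[:1]))
```
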
walkwolf3
Highly Voted 3 years, 7 months ago
B EC2 needs to resolve DNS records in VPC and on-premises network, Resolver type is outbound, remove AD from selection. C. Wrong. If VPC's DHCP option set is using on-premises DNS, VPC won't be able to resolve AWS DNS.
upvoted 5 times
walkwolf3
3 years, 7 months ago
https://aws.amazon.com/premiumsupport/knowledge-center/route53-resolve-with-outbound-endpoint/
upvoted 1 times
Marty2021
Most Recent 2 years, 11 months ago
Selected Answer: B
B, company.com is resolved by on-prem servers on-prem using forwarding rule and the system rule for aws.company.com ensures the forwarding rule is overridden and resolved using the AWS private zone for aws.company.com
upvoted 1 times
JohnnyBG
3 years, 4 months ago
Selected Answer: B
per below comment
upvoted 2 times
mabalon
3 years, 6 months ago
Answer B https://aws.amazon.com/es/blogs/architecture/using-route-53-private-hosted-zones-for-cross-account-multi-region-architectures/
upvoted 1 times