Amazon Exam ANS-C01 Topic 4 Question 22 Discussion

Actual exam question for Amazon's ANS-C01 exam

Question #: 22
Topic #: 4

A development team is building a new web application in the AWS Cloud. The main company domain, example.com. is currently hosted in an Amazon Route 53 public hosted zone in one of the company's production AWS accounts.

The developers want to test the web application in the company's staging AWS account by using publicly resolvable subdomains under the example.com domain with the ability to create and delete DNS records as needed. Developers have full access to Route 53 hosted zones within the staging account, but they are prohibited from accessing resources in any of the production AWS accounts.

Which combination of steps should a network engineer take to allow the developers to create records under the example.com domain? (Select TWO.)

ACreate a public hosted zone for example.com in the staging account.

BCreate a staging.example.com NS record in the example.com domain. Populate the value with the name servers from the staging.example.com domain. Set the routing policy type to simple routing.

CCreate a private hosted zone for stagmg.example.com in the staging account.

DCreate an example.com NS record in the staging.example.com domain. Populate the value with the name servers from the example.com domain. Set the routing policy type to simple routing

ECreate a public hosted zone for staging.example.com in the staging account.

Show Suggested Answer

Suggested Answer: C

The correct solution is to use an S3 interface endpoint and an on-premises DNS resolver. An S3 interface endpoint allows you to access Amazon S3 using private IP addresses within your VPC. An on-premises DNS resolver can be configured to forward the DNS queries for the S3 domain names to the S3 interface endpoint, so that the on-premises workloads can access Amazon S3 privately over the VPN connection. This solution is operationally efficient, as it does not require any additional infrastructure or changes to the existing workloads. The VPC workloads can continue to use the S3 gateway endpoint, which provides lower latency and higher throughput than the S3 interface endpoint.

by Laurel at Mar 17, 2024, 01:20 AM

Limited Time Offer

25%

Off

Get Premium ANS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Maryann

1 months ago

Okay, let's think this through step-by-step. I think B and E are the right combination, but I'm curious to see what the other candidates come up with.

upvoted 0 times

...

Rhea

1 months ago

Haha, I'm just imagining the developers trying to remember which DNS records they created and where. Maybe they should just use a separate domain for the staging environment.

upvoted 0 times

...

Fausto

1 months ago

Hmm, I think the key here is to create a subdomain in the staging account and link it back to the production domain. Option B seems like the way to go.

upvoted 0 times

Ena

3 days ago

Creating a public hosted zone for example.com in the staging account and setting up the NS record for staging.example.com makes sense.

upvoted 0 times

...

Tonette

4 days ago

I agree, Option B seems like the best choice to link the subdomain back to the production domain.

upvoted 0 times

...

3 months ago

I think we should create a public hosted zone for example.com in the staging account.

upvoted 0 times

...