Review Questions – Hybrid and Multi-account DNS – ANS-C01 Study Guide

Review Questions

The following questions are designed to test your understanding of this chapter’s material. For more information on how to obtain additional questions, please see this book’s introduction.

Connie has been tasked with adding a new record in her Route 53 public zone that is only the raw zone apex domain name of tipofthehat.com and not the FQDN record for the www.tipofthehat.com domain that was deployed originally to direct traffic to her new application load balancer. The ALB has been deployed in the us-west-2 Oregon region. The load balancer is Internet facing and is configured with both IPv4 and IPv6 publicly routable network addresses. You are the on-site cloud network architect, and she is asking you for advice on how to implement this. How would you suggest she configure this to meet her company’s requirements?
1. Create a new Alias record for tipofthehat.com and forward it to the DNS name of the ALBCreate a new CNAME record for tipofthehat.com and forward it to www.tipofthehat.comCreate an AAAA resource record in the public zone and use the ALB’s public address
1. Create an A resource record in the public zone and use the us-west region’s public address that AWS assigns you
Your employer’s development team is creating automated test scripts for a new application in the eu-north-1 Stockholm region. They are a global organization with developers in Asia-Pacific and South America. The development VPC is in a private availability zone hosting both Docker and EC2 application instances. Because of the dynamic addressing environment, they are asking you to implement a DNS solution that allows them to reference the hosts by their domain name and not their IP address. What type of solution would you deploy?
1. A public hosted zone for your organization that serves IP address information for queries in the Stockholm VPC
1. A private hosted zone in the Stockholm region’s VPC
1. Create a geolocation record that restricts development scripts to the VPC in the Stockholm region
1. Create a multivalue record for the hosts in the Stockholm VPC
You are working on a new network design to optimize your company’s e-commerce fleet being hosted in AWS. Currently you have five front-end web servers each in the AWS Ohio and California regions. You want to configure your Route 53 record set to optimize the server connection counts. What is a good solution to meet this requirement?
1. Apply geolocation restrictions to both regions’ web servers
1. Deploy a latency-based routing solution
1. Create a multivalue record set for the front-end web servers
1. Deploy a weighted-based routing solution
1. Deploy a failover-based routing solution
Your firm is outsourcing all email operations to a SaaS provider hosting on AWS. You need to make Route 53 changes to redirect traffic to the new provider. What needs to be done?
1. Modify the Start of Authority records to redirect all port 25 traffic to the new email hosting company
1. Change the destination values in the hosted zone’s MX records
1. Have the email hosting company add your DNS mail IP addresses in their MX records
1. The PTR record needs to be modified in your hosted zone to point all email traffic to the new service
You are testing IPv6 networking in a test VPC in the Osaka region. What hosted zone record sets would you need to configure?
1. IPv6 routing
1. AAAA records
1. A records
1. CNAME
1. IPv6 record
The corporate DNS deployment needs to query your new AWS cloud-based operations in the Mumbai region. You are running Route 53 in a private VPC. What do you need to do to interconnect these two DNS systems? (Select two.)
1. Select hosted zone delegations in the Route 53 console
1. Make a DX connection from your corporate data center to the Mumbai VPC
1. Define FWD resource records in the Route 53 private hosted zone
1. Create an inbound endpoint in the Mumbai VPC
1. Configure DNS forwarding rules
To add high availability to your two-factor authentication server deployment, you placed the two servers in different AWS regions and defined one as the primary and the other as the standby. Your global user base needs to be able to always access these servers. What DNS-based solution would help optimize uptime?
1. Apply geolocation restrictions to both regions’ web servers
1. Deploy a latency-based routing solution
1. Create a multivalue record set for the front-end web servers
1. Deploy a weighted-based routing solution
1. Deploy a failover-based routing solution
What Route 53 feature can be used to test for response of your endpoints?
1. CloudTrail support
1. Latency routing
1. Health checking
1. Contingency-based records
1. Using CloudWatch metrics
Your production website runs on a combination of EC2 instances that have different CPU and memory capabilities. The user base is complaining that some connections are very responsive while others are terribly slow. What can be done to optimize the connections to your web servers?
1. Upgrade the slower EC2 instances to match the processing power of the faster virtual machines
1. Configure latency routing in the private zones
1. Implement weighted routing on the web server record sets
1. Add a network ELB to even the response times between the different instance types
1. Implement CloudWatch metrics
As your company’s IT operations have expanded, it is becoming increasingly difficult and insecure to manage the Route 53 ongoing administration tasks. What options are available to reduce the administrative burden on the corporate staff?
1. Implement forwarding rules
1. Divide the hosted zones into public and private
1. Delegate domain administration to the different IT group’s area of responsibility
1. Create forwarding rules in the Route 53 console to give other groups in your IT teams the ability to configure Route 53
Which AWS routing policy returns query records based on the current traffic conditions on the public Internet?
1. Latency
1. Delay
1. Proximity
1. Geolocation
Which record sets are used by Dynamic Delegation Discovery System (DDDS) applications to convert or replace one value to another such as converting phone numbers to URIs?
1. SPF
1. GENEVE
1. NAPTR
1. SIP
What record type allows you to whitelist authority rights to created digital certificates in your domain?
1. TLS
1. CAA
1. NAPTR
1. ICANN
Which record type redirects sessions for specific service types, such as VoIP or instant messaging sessions, to specific hosts and port numbers?
1. CAA
1. SRV
1. AAAA
1. NAPTR
Which Route 53 feature is used to tell the resolver what domain names you want to forward to remote resolvers such as an on-premise DNS server?
1. Hybrid DNS
1. Conditional forwarding
1. Zone transfer
1. PTR record
Where does Route 53 store query logs?
1. CloudTrail
1. CloudWatch
1. API Gateway
1. Redshift
What monitoring types log the number of DNS queries that are forwarded by a Route 53 Resolver?
1. Route 53 zone monitoring
1. Resolver endpoint monitoring
1. Private hosted zone monitoring
1. Hybrid Route 53 monitoring
Which Route 53 record type contains basic information about the domain and hosted zone including the Route 53 name server that created the record, the email address of the administrator for your organization, and a serial number that can be incremented whenever you update a record?
1. TXT
1. SOA
1. PTR
1. CAA
Which Route 53 interface allows DNS resolutions originating inside of your VPC to your on-premise DNS deployment or to another VPC?
1. Inbound endpoints
1. Public hosted zone endpoints
1. Outbound endpoints
1. Private hosted zone endpoints
Which DNS record type maps a fully qualified domain name to an IPv4 address?
1. CNAME
1. A
1. AAAA
1. Alias