AWS Certified Advanced Networking – Specialty (ANS-C00) — Question 30
Your company maintains an Amazon Route 53 private hosted zone. DNS resolution is restricted to a single, pre-existing VPC. For a new application deployment, you create an additional VPC in the same AWS account. Both this new VPC and your on-premises DNS infrastructure must resolve records in the existing private hosted zone.
Which two activities are required to enable DNS resolution both within the new VPC and from the on-premises infrastructure? (Choose two.)
Answer options
- A. Update the DHCP options set for the new VPC with the Route 53 nameserver IP addresses.
- B. Update the Route 53 private hosted zone's VPC associations to include the new VPC.
- C. Launch Amazon EC2-based DNS proxies in the new VPC. Specify the proxies as forwarders in the on-premises DNS.
- D. Update the on-premises DNS to include forwarders to the Route 53 nameserver IP addresses.
- E. Launch Amazon EC2-based DNS proxies in the new VPC. Specify the proxies in the DHCP options set.
Correct answer: A, B
Explanation
The correct answers are A and B. Updating the DHCP options set (A) allows the new VPC to use the Route 53 nameservers for DNS resolution, and updating the VPC associations in the private hosted zone (B) allows the new VPC to access the DNS records. Options C and E involve setting up proxies, which are unnecessary for direct resolution. Option D, while potentially useful, does not address the requirement for the new VPC's DNS resolution.