A company is about to migrate an application from its on-premises data center to AWS. As…

Question

A company is about to migrate an application from its on-premises data center to AWS. As part of the planning process, the following requirements involving DNS have been identified.
✑ On-premises systems must be able to resolve the entries in an Amazon Route 53 private hosted zone.
✑ Amazon EC2 instances running in the organization's VPC must be able to resolve the DNS names of on-premises systems
The organization's VPC uses the CIDR block 172.16.0.0/16.
Assuming that there is no DNS namespace overlap, how can these requirements be met?

Accepted Answer

Correct answer: C. C. Deploy and configure a set of EC2 instances into the company VPC to act as DNS proxies. Configure the proxies to forward queries for the on-premises domain to the on-premises DNS systems, and forward all other queries to the Amazon-provided DNS server (172.16.0.2). Change the DHCP options set for the VPC to use the new DNS proxies. Configure the on-premises DNS systems with a stub-zone, delegating the proxies as authoritative for the Route 53 private hosted zone. — The correct answer is C because it allows the EC2 instances to act as DNS proxies that can handle queries for both on-premises domains and the Route 53 private hosted zone, ensuring proper resolution in both directions. Option A is incorrect because it does not direct on-premises queries properly. Option B incorrectly forwards other queries to a specific IP rather than the Amazon DNS server. Option D fails to meet the requirement for EC2 instances to resolve on-premises system names.

AWS Certified Advanced Networking – Specialty (ANS-C00) — Question 52

Answer options

Correct answer: C

Explanation