AWS Certified Advanced Networking – Specialty (ANS-C01) — Question 21

A company uses a hybrid architecture and has an AWS Direct Connect connection between its on-premises data center and AWS. The company has production applications that run in the on-premises data center. The company also has production applications that run in a VPC. The applications that run in the on-premises data center need to communicate with the applications that run in the VPC. The company is using corp.example.com as the domain name for the on-premises resources and is using an Amazon Route 53 private hosted zone for aws.example.com to host the VPC resources.
The company is using an open-source recursive DNS resolver in a VPC subnet and is using a DNS resolver in the on-premises data center. The company's on-premises DNS resolver has a forwarder that directs requests for the aws.example.com domain name to the DNS resolver in the VPC. The DNS resolver in the VPC has a forwarder that directs requests for the corp.example.com domain name to the DNS resolver in the on-premises data center. The company has decided to replace the open-source recursive DNS resolver with Amazon Route 53 Resolver endpoints.
Which combination of steps should a network engineer take to make this replacement? (Choose three.)

Answer options

Correct answer: B, C, E

Explanation

The correct steps involve configuring the on-premises DNS resolver to forward queries for aws.example.com to the inbound endpoint (B), creating both inbound and outbound Route 53 Resolver endpoints (C), and setting a rule to forward corp.example.com queries to the on-premises resolver (E). Options A, D, and F are incorrect as they either misdirect queries or do not address the required configurations.