
A company is utilizing Amazon Route 53 Resolver in a hybrid DNS setup, where Route 53 Resolver forwarding rules have been established for domains authoritative on on-premises DNS servers. A recent security policy mandates the implementation of a logging solution to monitor and analyze DNS queries directed to these on-premises servers. The solution must record the originating instance's source IP address and the specific DNS name queried via Route 53 Resolver. Which of the following solutions would fulfill this security requirement?
A. Employ VPC Traffic Mirroring, setting all pertinent elastic network interfaces as the traffic source, including amazon-dns in the mirror filter, and designating Amazon CloudWatch Logs as the mirror target. Utilize CloudWatch Insights to analyze the mirror session logs for source IP address and DNS name details.

B. Enable VPC flow logs across all relevant VPCs, directing the logs to an Amazon S3 bucket. Employ Amazon Athena to execute SQL queries on the logs to extract source IP address and DNS name information.

C. Activate Route 53 Resolver query logging across all pertinent VPCs, forwarding the logs to Amazon CloudWatch Logs. Leverage CloudWatch Insights to query the logs for source IP address and DNS name details.

D. Adjust the Route 53 Resolver rules for the authoritative domains forwarding to the on-premises DNS servers, sending the logs to an Amazon S3 bucket. Use Amazon Athena to perform SQL queries on the logs to retrieve source IP address and DNS name data.