A company is migrating an internal application to the AWS Cloud, where it will operate on Amazon EC2 instances within a single VPC. Users will access the application from the company's on-premises data center via AWS VPN or AWS Direct Connect, using private domain names for the application endpoint from a domain reserved exclusively for AWS Cloud use. Each EC2 instance must support automatic failover to another instance within the same AWS account and VPC. A network engineer must design a DNS solution that ensures the application remains inaccessible from the internet. Which solution meets these requirements? | AWS Certified Advanced Networking - Specialty Quiz