A network engineer is designing the DNS architecture for a new AWS environment that requires bidirectional DNS resolution between on-premises endpoints and AWS endpoints. The architecture must allow individual accounts to manage their subdomains. The engineer must establish a unified set of rules applicable across multiple accounts to govern this behavior, utilizing AWS native services wherever feasible.

Which combination of steps should the network engineer implement to fulfill these requirements? (Choose three.)

Exam-Like

Create an Amazon Route 53 private hosted zone for the overall cloud domain. Plan to create subdomains that align to other AWS accounts that are associated with the central Route 53 private hosted zone.

50.0%

Create AWS Directory Service for Microsoft Active Directory server endpoints in the central AWS account that hosts the private hosted zone for the overall cloud domain. Create a conditional forwarding rule in Microsoft Active Directory DNS to forward traffic to a DNS resolver endpoint on premises. Create another rule to forward traffic between subdomains to the VPC resolver.

0.0%

Create Amazon Route 53 Resolver inbound and outbound endpoints in the central AWS account that hosts the private hosted zone for the overall cloud domain. Create a forwarding rule to forward traffic to a DNS resolver endpoint on premises. Create another rule to forward traffic between subdomains to the Resolver inbound endpoint.

50.0%

Ensure that networking exists between the other accounts and the central account so that traffic can reach the AWS Directory Service for Microsoft Active Directory DNS endpoints.

0.0%

Ensure that networking exists between the other accounts and the central account so that traffic can reach the Amazon Route 53 Resolver endpoints.

AWS Certified Advanced Networking - Specialty

Get started today

Comments