AWS Certified Cloud Practitioner

Get started today

Ultimate access to all questions.

Explanation:

Amazon Route 53 Resolver DNS Firewall is the specific service designed to filter and block DNS-based threats. It allows you to create policies to block DNS queries for known malicious domains. AWS Shield Advanced is for DDoS protection, and AWS WAF is for layer 7 (HTTP/HTTPS) web application firewall protection, neither of which is specifically for DNS filtering.

Explanation:

Comments (0)

No comments yet.

Question #45
A company that runs multiple workloads on AWS wants to enhance its security posture by implementing DNS-based threat protection. The company must block DNS-based attacks.
Which solution will meet this requirement?

Real Exam

Community

RRitesh

Last updated: April 30, 2026 at 11:35

Deploy AWS Shield Advanced to filter and block malicious DNS queries. Set up domain filtering policies.

25.0%

Use AWS WAF to inspect DNS traffic for malicious domains. Create custom rules to block known threats.

25.0%

Configure Amazon Route 53 Resolver to forward DNS queries to Route 53 Resolver DNS Firewall Advanced to detect and filter threats.

37.5%

Configure AWS Config to monitor DNS queries and DNS traffic patterns. Use an AWS Lambda function to prevent access to malicious domains.

12.5%

AWS Certified Cloud Practitioner

Get started today

Comments (0)

Get started today

Comments (0)

Question #45 A company that runs multiple workloads on AWS wants to enhance its security posture by implementing DNS-based threat protection. The company must block DNS-based attacks. Which solution will meet this requirement?

Question #45
A company that runs multiple workloads on AWS wants to enhance its security posture by implementing DNS-based threat protection. The company must block DNS-based attacks.
Which solution will meet this requirement?