Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 87 discussion

A company has an AWS Site-to-Site VPN connection between its existing VPC and on-premises network. The default DHCP options set is associated with the VPC. The company has an application that is running on an Amazon Linux 2 Amazon EC2 instance in the VPC. The application must retrieve an Amazon RDS database secret that is stored in AWS Secrets Manager through a private VPC endpoint. An on-premises application provides an internal RESTful API service that can be reached by URL (https://api.example.internal). Two on-premises Windows DNS servers provide internal DNS resolution.

The application on the EC2 instance needs to call the internal API service that is deployed in the on-premises environment. When the application on the EC2 instance attempts to call the internal API service by referring to the hostname that is assigned to the service, the call fails. When a network engineer tests the API service call from the same EC2 instance by using the API service's IP address, the call is successful.

What should the network engineer do to resolve this issue and prevent the same problem from affecting other resources in the VPC?

  • A. Create a new DHCP options set that specifies the on-premises Windows DNS servers. Associate the new DHCP options set with the existing VPC. Reboot the Amazon Linux 2 EC2 instance.
  • B. Create an Amazon Route 53 Resolver rule. Associate the rule with the VPC. Configure the rule to forward DNS queries to the on-premises Windows DNS servers if the domain name matches example.internal.
  • C. Modify the local host file in the Amazon Linux 2 EC2 instance in the VPC. Map the service domain name (api.example.internal) to the IP address of the internal API service.
  • D. Modify the local /etc/resolv.conf file in the Amazon Linux 2 EC2 instance in the VPC. Change the IP addresses of the name servers in the file to the IP addresses of the company's on-premises Windows DNS servers.
Suggested Answer: B
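
Option B written out as a CloudFormation template, added here as an example and not part of the original question or discussion. It includes the Route 53 Resolver outbound endpoint that the option text leaves implicit (a forwarding rule needs one) and keeps the default DHCP options set, so the Secrets Manager private endpoint name still resolves through the VPC resolver. Parameter names, resource names and the 192.0.2.x DNS addresses are assumptions.

```yaml
# Added example, not from the exam page. Parameter values and the
# 192.0.2.x addresses are constructed placeholders; substitute your own.
AWSTemplateFormatVersion: "2010-09-09"
Description: Forward example.internal queries from the VPC to on-premises DNS
Parameters:
  VpcId: {Type: "AWS::EC2::VPC::Id"}
  SubnetA: {Type: "AWS::EC2::Subnet::Id"}
  SubnetB: {Type: "AWS::EC2::Subnet::Id"}
  OnPremDns1: {Type: String, Default: 192.0.2.10}   # placeholder
  OnPremDns2: {Type: String, Default: 192.0.2.11}   # placeholder
Resources:
  # Egress limited to DNS toward the two on-premises servers only.
  OutboundSg:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Resolver outbound endpoint, DNS to on-premises only
      VpcId: !Ref VpcId
      SecurityGroupEgress:
        - {IpProtocol: udp, FromPort: 53, ToPort: 53, CidrIp: !Sub "${OnPremDns1}/32"}
        - {IpProtocol: tcp, FromPort: 53, ToPort: 53, CidrIp: !Sub "${OnPremDns1}/32"}
        - {IpProtocol: udp, FromPort: 53, ToPort: 53, CidrIp: !Sub "${OnPremDns2}/32"}
        - {IpProtocol: tcp, FromPort: 53, ToPort: 53, CidrIp: !Sub "${OnPremDns2}/32"}
  # Forwarded queries leave the VPC from these ENIs over the Site-to-Site VPN.
  OutboundEndpoint:
    Type: AWS::Route53Resolver::ResolverEndpoint
    Properties:
      Direction: OUTBOUND
      SecurityGroupIds: [!GetAtt OutboundSg.GroupId]
      IpAddresses:
        - SubnetId: !Ref SubnetA
        - SubnetId: !Ref SubnetB
  # Only names under example.internal are forwarded; every other name
  # (including VPC endpoint private DNS) stays with the VPC resolver.
  ForwardRule:
    Type: AWS::Route53Resolver::ResolverRule
    Properties:
      Name: forward-example-internal
      RuleType: FORWARD
      DomainName: example.internal
      ResolverEndpointId: !GetAtt OutboundEndpoint.ResolverEndpointId
      TargetIps:
        - {Ip: !Ref OnPremDns1, Port: "53"}
        - {Ip: !Ref OnPremDns2, Port: "53"}
  # Associating the rule with the VPC applies it to every resource in it.
  RuleAssociation:
    Type: AWS::Route53Resolver::ResolverRuleAssociation
    Properties:
      ResolverRuleId: !GetAtt ForwardRule.ResolverRuleId
      VPCId: !Ref VpcId
```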

Comments

AlirezaNetWorld
2 months ago
Why not A? I think it has all we need to do to solve this issue for now and for the future.
upvoted 1 times
...
Raphaello
6 months, 4 weeks ago
Selected Answer: B
B is the correct answer, but it feels it could be better worded.
upvoted 2 times
...
Arad
1 year ago
Selected Answer: B
I think B is the correct answer.
upvoted 1 times
...
ISSDoksim
1 year, 3 months ago
B - agreed
upvoted 1 times
...
albertkr
1 year, 4 months ago
Selected Answer: B
voted for B
upvoted 2 times
...
rhinozD
1 year, 6 months ago
Selected Answer: C
I just wonder why option C does not mention anything about the outbound endpoint. Can we directly do that without an outbound endpoint? I think C is doable.
upvoted 1 times
tom_cat
1 year, 6 months ago
Yes, it will work, but the requirement is "prevent the same problem from affecting other resources in the VPC" and modifying a file inside a single instance won't do it.
upvoted 7 times
...
...
Kristin01
1 year, 6 months ago
Selected Answer: B
B is correct
upvoted 3 times
...
tom_cat
1 year, 6 months ago
Selected Answer: B
Should be B.
upvoted 3 times
...