Exam SAP-C02
Question 1

A company needs to architect a hybrid DNS solution. This solution will use an Amazon Route 53 private hosted zone for the domain cloud.example.com for the resources stored within VPCs.

The company has the following DNS resolution requirements:

On-premises systems should be able to resolve and connect to cloud.example.com.

All VPCs should be able to resolve cloud.example.com.

There is already an AWS Direct Connect connection between the on-premises corporate network and AWS Transit Gateway.

Which architecture should the company use to meet these requirements with the HIGHEST performance?

Correct Answer: A

To achieve the highest-performance hybrid DNS solution, the company should associate the Route 53 private hosted zone with all VPCs, ensuring that all VPCs can resolve cloud.example.com. Additionally, creating a Route 53 inbound resolver in the shared services VPC and attaching all VPCs to the transit gateway will allow on-premises systems to resolve the cloud.example.com domain through forwarding rules on the on-premises DNS server that point to the inbound resolver. This ensures seamless DNS resolution for both on-premises and AWS resources.
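The two conditions this explanation depends on can be checked mechanically. The following is an added example, not part of the original page: a Python audit over constructed data shaped like the responses of Route 53 `get_hosted_zone` and Route 53 Resolver `list_resolver_endpoints` / `list_resolver_endpoint_ip_addresses`. The function name `audit_hybrid_dns`, the VPC and endpoint IDs, the addresses and the two-target redundancy threshold are assumptions.

```python
ZONE = "cloud.example.com."

def audit_hybrid_dns(all_vpc_ids, hosted_zone, endpoints, endpoint_ips,
                     onprem_targets, shared_vpc_id):
    """Return findings; an empty list means the layout matches answer A."""
    findings = []
    # 1. Every VPC must be associated with the private hosted zone.
    if not hosted_zone["HostedZone"]["Config"]["PrivateZone"]:
        findings.append(f"{ZONE} is not a private hosted zone")
    associated = {v["VPCId"] for v in hosted_zone.get("VPCs", [])}
    for vpc in sorted(set(all_vpc_ids) - associated):
        findings.append(f"{vpc} is not associated with {ZONE}")
    # 2. On-premises resolution needs an operational INBOUND endpoint
    #    hosted in the shared services VPC.
    inbound = [e for e in endpoints
               if e["Direction"] == "INBOUND"
               and e["HostVPCId"] == shared_vpc_id
               and e["Status"] == "OPERATIONAL"]
    if not inbound:
        findings.append(f"no operational inbound endpoint in {shared_vpc_id}")
        return findings
    # 3. The on-premises forwarding rule must target addresses the endpoint
    #    still holds; queries sent to a stale address go unanswered.
    live = {ip["Ip"] for e in inbound
            for ip in endpoint_ips.get(e["Id"], [])
            if ip["Status"] == "ATTACHED"}
    for target in sorted(set(onprem_targets) - live):
        findings.append(f"on-prem forwarder target {target} is not an endpoint IP")
    # Assumption: at least two live targets are wanted for redundancy.
    if len(live & set(onprem_targets)) < 2:
        findings.append("fewer than two live forwarder targets")
    return findings

# Constructed sample data; every ID and address below is made up.
SAMPLE_ZONE = {"HostedZone": {"Name": ZONE, "Config": {"PrivateZone": True}},
               "VPCs": [{"VPCRegion": "us-east-1", "VPCId": "vpc-shared"},
                        {"VPCRegion": "us-east-1", "VPCId": "vpc-app1"}]}
SAMPLE_ENDPOINTS = [{"Id": "rslvr-in-example", "Direction": "INBOUND",
                     "HostVPCId": "vpc-shared", "Status": "OPERATIONAL"}]
SAMPLE_IPS = {"rslvr-in-example": [{"Ip": "10.0.1.10", "Status": "ATTACHED"},
                                   {"Ip": "10.0.2.10", "Status": "ATTACHED"}]}

if __name__ == "__main__":
    # vpc-app2 lacks the association and one forwarder target is stale.
    for finding in audit_hybrid_dns(["vpc-shared", "vpc-app1", "vpc-app2"],
                                    SAMPLE_ZONE, SAMPLE_ENDPOINTS, SAMPLE_IPS,
                                    ["10.0.1.10", "10.0.9.9"], "vpc-shared"):
        print("FINDING:", finding)
```
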

Discussion

robertohyena

A. Correct answer. Source: https://aws.amazon.com/blogs/networking-and-content-delivery/centralized-dns-management-of-hybrid-cloud-with-amazon-route-53-and-aws-transit-gateway/
NOT B. EC2 conditional forwarder will not meet Highest performance requirement.
NOT C. Missing: Need to associate private hosted zone to all VPC. "All VPC’s will need to associate their private hosted zones to all other VPC’s if required to." Source: https://aws.amazon.com/blogs/networking-and-content-delivery/centralized-dns-management-of-hybrid-cloud-with-amazon-route-53-and-aws-transit-gateway/
NOT D. Missing: Need to associate private hosted zone to all VPC. "All VPC’s will need to associate their private hosted zones to all other VPC’s if required to." Source: https://aws.amazon.com/blogs/networking-and-content-delivery/centralized-dns-management-of-hybrid-cloud-with-amazon-route-53-and-aws-transit-gateway/

awsylum

In your link, you missed this sentence: "The most reliable, performant and low-cost approach is to share and associate private hosted zones directly to all VPCs that need them." You share the PHZ via the Shared Services VPC. You use the .2 DNS Resolver Address in each VPC to connect to the PHZ in the shared services VPC for domain resolution.

alexkro

You forgot an additional condition mentioned in the question: "All VPCs should be able to resolve cloud.example.com." Nobody said there are only shared VPCs there.

Amazon_Dumps_Com_Web
Option: A

A is still a valid answer

AmazonExams

This answer is correct

kfgan

Just passed today with a score of 810. The questions are a mixture from the entire dump. I would say 30% from 1-200, 70% from 201-480.

TonytheTiger

Passed the exam with 822 last week, spent 3 months studying and went over all the questions three times and researched all the discussion answers. 90% of the questions came from here and I saw like 5 new questions.

TonytheTiger

And thank you to all the contributors for the comments that validate the correct answers for these questions. Let's keep working together to improve our career opportunities.

AlbertC

Passed the exam on the first attempt with 842 yesterday. I thought I might have failed it at the end (50% chance). Only 1 minute was left when I finished answering all the questions. I am an old and slow guy. I went through this exam guide twice. More exam questions hit in the last two pages. I don't think I could have passed without this exam guide. 90% of the questions matched.

frmynd
Option: A

https://docs.aws.amazon.com/whitepapers/latest/hybrid-cloud-dns-options-for-vpc/route-53-resolver-endpoints-and-forwarding-rules.html

higashikumi
Option: A

To achieve the highest performance hybrid DNS solution, the company should associate a Route 53 private hosted zone with "cloud.example.com" to all VPCs, then create a Route 53 inbound resolver in a shared services VPC. This inbound resolver is connected to the on-premises network via AWS Direct Connect and Transit Gateway, allowing on-premises systems to resolve the private hosted zone. Forwarding rules on the on-premises DNS server direct queries for "cloud.example.com" to the inbound resolver, ensuring seamless resolution for both on-premises and cloud resources.

Helpnosense
Option: A

The 2nd requirement in the question is "All VPCs should be able to resolve cloud.example.com." So the answer is A, not D which is only one VPC not all VPCs.

hahaha1

Passed the exam today with a score of 836. 85% to 90% of the questions were from this dump; the new questions are easy though.

Aanand

Does anyone have a pro account?

AloraCloud
Option: A

You need to associate the private hosted zone to all the VPCs for them to be able to use it for DNS resolution.

MoT0ne

I fully relied on my working knowledge to attend the exam and failed with a score of 731 :( Thanks to the free retake coupon, I have another chance to prepare for it with an examination strategy!

QasimAWS

That's not bad without an examination strategy. Mine is next week.

ichi2kazu

I think A.

jj888
Option: A

All VPC’s will need to associate their private hosted zones to all other VPC’s if required to

gofavad926
Option: A

By associating the Route 53 private hosted zone with all VPCs, resources within any of those VPCs can resolve domain names within the cloud.example.com domain.