
SAP-C02 Exam - Question 1


A company needs to architect a hybrid DNS solution. This solution will use an Amazon Route 53 private hosted zone for the domain cloud.example.com for the resources stored within VPCs.

The company has the following DNS resolution requirements:

On-premises systems should be able to resolve and connect to cloud.example.com.

All VPCs should be able to resolve cloud.example.com.

There is already an AWS Direct Connect connection between the on-premises corporate network and AWS Transit Gateway.

Which architecture should the company use to meet these requirements with the HIGHEST performance?

Correct Answer: A

To achieve the highest-performance hybrid DNS solution, the company should associate the Route 53 private hosted zone with all VPCs, so that every VPC can resolve cloud.example.com. Creating a Route 53 inbound resolver in the shared services VPC and attaching all VPCs to the transit gateway then lets on-premises systems resolve cloud.example.com through forwarding rules on the on-premises DNS server that point to the inbound resolver. This ensures seamless DNS resolution for both on-premises and AWS resources.
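The design in this answer can be checked mechanically. The following is an added example, not part of the original page or of any AWS tooling: it audits constructed data shaped like the boto3 responses of `route53.get_hosted_zone` and `route53resolver.list_resolver_endpoints`, then renders the on-premises forwarding rule. The VPC IDs, endpoint ID and IP addresses are placeholders, and BIND as the on-premises DNS server is an assumption.

```python
# Added example. All data below is constructed; the dict shapes follow boto3's
# route53.get_hosted_zone and route53resolver.list_resolver_endpoints responses.
HOSTED_ZONE = {
    "HostedZone": {"Name": "cloud.example.com.", "Config": {"PrivateZone": True}},
    "VPCs": [{"VPCRegion": "us-east-1", "VPCId": "vpc-shared"},
             {"VPCRegion": "us-east-1", "VPCId": "vpc-app1"}],
}
ENDPOINTS = {"ResolverEndpoints": [
    {"Id": "rslvr-in-example", "Direction": "INBOUND", "HostVPCId": "vpc-shared",
     "IpAddressCount": 2, "Status": "OPERATIONAL"},
]}
ENDPOINT_IPS = ["10.0.0.10", "10.0.1.10"]          # placeholder inbound endpoint IPs
ALL_VPCS = ["vpc-shared", "vpc-app1", "vpc-app2"]  # VPCs attached to the transit gateway


def audit_hybrid_dns(zone, endpoints, all_vpcs, shared_vpc):
    """Return a list of findings; an empty list means the design in the answer holds."""
    findings = []
    if not zone["HostedZone"]["Config"].get("PrivateZone"):
        findings.append("hosted zone is not private")
    # Requirement: all VPCs resolve cloud.example.com -> every VPC must be associated.
    associated = {v["VPCId"] for v in zone["VPCs"]}
    for vpc in all_vpcs:
        if vpc not in associated:
            findings.append(f"{vpc} is not associated with the private hosted zone")
    # Requirement: on-premises resolution -> inbound endpoint in the shared services VPC.
    inbound = [e for e in endpoints["ResolverEndpoints"]
               if e["Direction"] == "INBOUND" and e["HostVPCId"] == shared_vpc
               and e["Status"] == "OPERATIONAL"]
    if not inbound:
        findings.append(f"no operational inbound resolver endpoint in {shared_vpc}")
    return findings


def bind_forward_zone(domain, endpoint_ips):
    """Render the on-premises conditional forwarder as a BIND forward zone (assumed server)."""
    forwarders = " ".join(f"{ip};" for ip in endpoint_ips)
    # "forward only": queries for this zone go to the listed forwarders and nowhere else.
    return (f'zone "{domain}" {{\n    type forward;\n    forward only;\n'
            f'    forwarders {{ {forwarders} }};\n}};')


if __name__ == "__main__":
    for finding in audit_hybrid_dns(HOSTED_ZONE, ENDPOINTS, ALL_VPCS, "vpc-shared"):
        print("FINDING:", finding)
    print(bind_forward_zone("cloud.example.com", ENDPOINT_IPS))
```

With the constructed data, the audit flags `vpc-app2`, the one VPC that was attached to the transit gateway but never associated with the private hosted zone.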

Discussion

17 comments
george16941
May 10, 2024

valid dump https://t.ly/AWSCertifiedSolutionsArchitectProfessional

robertohyena
Dec 11, 2022

A. Correct answer. Source: https://aws.amazon.com/blogs/networking-and-content-delivery/centralized-dns-management-of-hybrid-cloud-with-amazon-route-53-and-aws-transit-gateway/

NOT B. EC2 conditional forwarder will not meet Highest performance requirement.

NOT C. Missing: Need to associate private hosted zone to all VPC. "All VPC’s will need to associate their private hosted zones to all other VPC’s if required to." Source: https://aws.amazon.com/blogs/networking-and-content-delivery/centralized-dns-management-of-hybrid-cloud-with-amazon-route-53-and-aws-transit-gateway/

NOT D. Missing: Need to associate private hosted zone to all VPC. "All VPC’s will need to associate their private hosted zones to all other VPC’s if required to." Source: https://aws.amazon.com/blogs/networking-and-content-delivery/centralized-dns-management-of-hybrid-cloud-with-amazon-route-53-and-aws-transit-gateway/

awsylum
Feb 24, 2024

In your link, you missed this sentence: "The most reliable, performant and low-cost approach is to share and associate private hosted zones directly to all VPCs that need them." You share the PHZ via the Shared Services VPC. You use the .2 DNS Resolver Address in each VPC to connect to the PHZ in the shared services VPC for domain resolution.

alexkro
Mar 27, 2024

You forgot an additional condition mentioned in the question: "All VPCs should be able to resolve cloud.example.com." Nobody said there are only shared VPCs there.

Amazon_Dumps_Com_Web
Option: A
Jul 18, 2024

A is still a valid answer.

AmazonExams
May 26, 2024

This answer is correct.

kfgan
Apr 26, 2024

Just passed today with a score of 810. The questions are a mixture from the entire dump. I would say 30% from 1-200, 70% from 201-480.

AlbertC
Apr 10, 2024

Passed the exam on the first attempt with 842 yesterday. I thought I might have failed it at the end (50% chance). Only 1 minute was left when I finished answering all the questions. I am an old and slow guy. I went through this exam guide twice. More exam questions hit in the last two pages. I don't think I could have passed without this exam guide. 90% of the questions matched.

TonytheTiger
Jun 14, 2024

Passed the exam with 822 last week, spent 3 months studying and went over all the questions three times and researched all the discussion answers. 90% of the questions came from here and I saw like 5 new questions.

TonytheTiger
Jun 14, 2024

And thank you to all the contributors' comments to validate the correct answers for these questions. Let's keep working together to improve our career opportunities.

frmynd
Option: A
Apr 1, 2024

https://docs.aws.amazon.com/whitepapers/latest/hybrid-cloud-dns-options-for-vpc/route-53-resolver-endpoints-and-forwarding-rules.html

higashikumi
Option: A
May 15, 2024

To achieve the highest performance hybrid DNS solution, the company should associate a Route 53 private hosted zone with "cloud.example.com" to all VPCs, then create a Route 53 inbound resolver in a shared services VPC. This inbound resolver is connected to the on-premises network via AWS Direct Connect and Transit Gateway, allowing on-premises systems to resolve the private hosted zone. Forwarding rules on the on-premises DNS server direct queries for "cloud.example.com" to the inbound resolver, ensuring seamless resolution for both on-premises and cloud resources.

gofavad926
Option: A
Mar 16, 2024

By associating the Route 53 private hosted zone with all VPCs, resources within any of those VPCs can resolve domain names within the cloud.example.com domain.

jj888
Option: A
Apr 5, 2024

All VPC’s will need to associate their private hosted zones to all other VPC’s if required to

ichi2kazu
Apr 7, 2024

I think A.

MoT0ne
Apr 14, 2024

I fully relied on my working knowledge to attend the exam, failed with a score of 731 :( Thanks to the free retake coupon, I have another chance to prepare for it with an examination strategy!

QasimAWS
Apr 20, 2024

That's not bad without an examination strategy; mine is next week.

AloraCloud
Option: A
May 14, 2024

You need to associate the private hosted zone to all the VPCs for them to be able to use it for DNS resolution.

Aanand
May 24, 2024

Does anyone have a pro account?

hahaha1
May 26, 2024

Passed the exam today with a score of 836, 85% to 90% of the questions were from this dump, new questions are easy though.

Helpnosense
Option: A
Jun 16, 2024

The 2nd requirement in the question is "All VPCs should be able to resolve cloud.example.com." So the answer is A, not D, which is only one VPC, not all VPCs.