
SOA-C02 Exam - Question 362


A company is trying to connect two applications. One application runs in an on-premises data center that has a hostname of host1.onprem.private. The other application runs on an Amazon EC2 instance that has a hostname of host1.awscloud.private. An AWS Site-to-Site VPN connection is in place between the on-premises network and AWS.

The application that runs in the data center tries to connect to the application that runs on the EC2 instance, but DNS resolution fails. A SysOps administrator must implement DNS resolution between on-premises and AWS resources.

Which solution allows the on-premises application to resolve the EC2 instance hostname?

Correct Answer: A

To establish DNS resolution between an on-premises data center and AWS, an AWS Route 53 inbound resolver endpoint must be set up and associated with the VPC where the EC2 instance is running. The on-premises DNS resolver should forward DNS queries for the onprem.private domain to the inbound resolver endpoint. This setup allows DNS queries from the on-premises data center to resolve the private hostnames within the AWS VPC. This matches the requirement to enable the on-premises server to resolve the EC2 instance hostname.

Discussion

14 comments
[Removed]
Jul 10, 2023

Option A involves setting up an Amazon Route 53 inbound resolver endpoint with a forwarding rule for the onprem.private hosted zone, associating the resolver with the VPC of the EC2 instance, and configuring the on-premises DNS resolver to forward onprem.private DNS queries to the inbound resolver endpoint. However, this solution would not allow the on-premises application to resolve the EC2 instance hostname because it is forwarding queries for the onprem.private hosted zone instead of the awscloud.private hosted zone. Option B is still the correct solution as it involves setting up an Amazon Route 53 inbound resolver endpoint, associating the resolver with the VPC of the EC2 instance, and configuring the on-premises DNS resolver to forward awscloud.private DNS queries to the inbound resolver endpoint. This would allow the on-premises application to resolve the EC2 instance hostname. B is correct.

Christina666 (Option: B)
Jul 29, 2023

Set up an Amazon Route 53 inbound resolver endpoint: This allows DNS resolution for private DNS namespaces in the VPC that you associate with the resolver. Associate the resolver with the VPC of the EC2 instance: By associating the resolver with the VPC of the EC2 instance that runs the application with the hostname "host1.awscloud.private", DNS queries from that VPC will be resolved by the inbound resolver. Configure the on-premises DNS resolver to forward awscloud.private DNS queries: This step is done on the on-premises DNS resolver. You need to configure it to forward DNS queries for the "awscloud.private" domain to the inbound resolver endpoint. With this configuration, when the application in the on-premises data center tries to resolve the hostname of the EC2 instance in AWS (host1.awscloud.private), the DNS query will be forwarded to the Amazon Route 53 inbound resolver, and it will be able to resolve the private hostname.
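As an added illustration (not part of the comment above and not AWS or vendor code), this sketch models how an on-premises conditional forwarder chooses an upstream by longest whole-label suffix match, and runs the two forwarding rules debated in this thread against the same queries. The endpoint IPs, the `LOCAL` marker and the `select_upstream` helper are constructed for the example.

```python
# Added example: models only the zone-matching step of a conditional
# forwarder. IP addresses and names below are constructed placeholders.

INBOUND_ENDPOINT_IPS = ["10.0.1.10", "10.0.2.10"]  # placeholder endpoint IPs
LOCAL = "local-resolution"  # query is not forwarded anywhere


def labels(name):
    """Normalise a DNS name to a tuple of lowercase labels (root dot dropped)."""
    return tuple(p for p in name.lower().rstrip(".").split(".") if p)


def select_upstream(qname, forward_zones):
    """Return the forwarders of the longest forward zone that contains qname.

    Matching is on whole labels, so 'awscloud.private' does not capture
    'notawscloud.private'. A zone of '.' matches every name. Names under
    no forward zone are resolved locally.
    """
    q = labels(qname)
    best, best_len = LOCAL, -1
    for zone, forwarders in forward_zones.items():
        z = labels(zone)
        if len(z) <= len(q) and q[len(q) - len(z):] == z and len(z) > best_len:
            best, best_len = forwarders, len(z)
    return best


# Rule that forwards the VPC's domain to the inbound endpoint.
FORWARD_AWSCLOUD = {"awscloud.private": INBOUND_ENDPOINT_IPS}
# Rule that forwards the on-premises domain to the inbound endpoint.
FORWARD_ONPREM = {"onprem.private": INBOUND_ENDPOINT_IPS}

if __name__ == "__main__":
    queries = ("host1.awscloud.private", "HOST1.AwsCloud.Private.",
               "host1.onprem.private", "host1.notawscloud.private")
    for title, cfg in (("awscloud.private rule", FORWARD_AWSCLOUD),
                       ("onprem.private rule", FORWARD_ONPREM)):
        for q in queries:
            print(f"{title:22} {q:28} -> {select_upstream(q, cfg)}")
```
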

Christina666
Aug 4, 2023

To resolve EC2 DNS: on-prem DNS forwards EC2 DNS -> Route 53 inbound resolver -> which is attached to the EC2 VPC

Pete987 (Option: A)
Jun 30, 2023

A: By setting up an inbound resolver endpoint in Amazon Route 53 and associating it with the VPC of the EC2 instance, DNS queries for the onprem.private hosted zone originating from the on-premises network will be resolved by the Amazon Route 53 resolver. The inbound resolver endpoint acts as a DNS forwarder, forwarding DNS queries to the on-premises DNS resolver.

Zotarix
Jul 23, 2023

A is not correct because the forwarding rule is pointing to onprem.private hosted zone. The forwarding rule must point to the destination domain and not the source domain. B is the correct answer. https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resolver.html

guau (Option: B)
Jul 2, 2023

Answer A is not correct because it suggests setting up an Amazon Route 53 inbound resolver endpoint with a forwarding rule for the onprem.private hosted zone.

tex23 (Option: B)
Jul 7, 2023

B is the answer. Route 53 resolver provides resolution for AWS resources and on-prem DNS NS provides resolution for on-prem resources. When DNS NS gets a DNS query for AWS resources, it forwards it to Route 53 resolver.

james2033 (Option: B)
Jul 5, 2024

'inbound resolver endpoint' --> A or B. --> Associate the resolver with the VPC of the EC2 instance. NOT '... onprem.private hosted zone...' --> B.

kevino81 (Option: A)
Jun 29, 2023

I think A is the better choice

ctd983 (Option: B)
Jul 11, 2023

B is correct

Hatem08 (Option: B)
Dec 10, 2023

I think B is correct

Hatem08
Dec 10, 2023

sorry A

r2c3po (Option: A)
Dec 29, 2023

Setting up an inbound resolver endpoint allows the VPC of the EC2 instance to forward DNS queries for the onprem.private hosted zone. The on-premises DNS resolver should be configured to forward onprem.private DNS queries to the inbound resolver endpoint, enabling DNS resolution between on-premises and AWS resources. This approach aligns with the scenario's requirements and enables DNS resolution for the specified private hosted zone. Therefore, option A is the correct solution.

Anonymous (Option: A)
Apr 15, 2024

In Option A, the forwarding rule is specifically configured for the onprem.private hosted zone, which means only DNS queries for this zone are forwarded to the resolver endpoint. This ensures that DNS queries originating from the on-premises network for resources in the onprem.private domain are resolved within the AWS environment. In Option B, there is no specific forwarding rule mentioned. Instead, it suggests forwarding all DNS queries for the awscloud.private domain to the Route 53 resolver endpoint. This may result in unnecessary traffic being forwarded to the resolver endpoint, potentially impacting performance or leading to additional costs. Considering the requirements stated in the question, where the goal is to enable DNS resolution between the on-premises application and the EC2 instance, Option A seems to be the more appropriate choice. It specifically targets the domain used by the EC2 instance (onprem.private) and ensures efficient resolution of DNS queries for this domain within the AWS environment. Therefore, Option A is the preferred solution.

tsangckl (Option: A)
Jun 2, 2024

A is the reasonable answer

Snape (Option: A)
Jun 26, 2024

Option B is more about forwarding the DNS queries from on-premises to the inbound resolver without specifying a forwarding rule for the onprem.private zone, which is less specific.