Route 53

Question 1

What are the main features of a Route 53 Public Hosted Zone?

Answer 1

• Accessible from both the public internet and VPCs
• Authoritative for a specific domain
• Externally registered domains can point to a Route 53 Public Hosted Zone
• Hosts DNS records (e.g. A, AAAA, MX, NS, TXT)

Question 2

Which Route 53 component contains information about how to route traffic on the internet for a specific domain and its subdomains?

Answer 2

Public Hosted Zone

Question 3

What Route 53 feature allows DNS resolution for internal resources accessible only within specified VPCs?

Answer 3

Private Hosted Zone

Question 4

What are the main features of a Route 53 Private Hosted Zone?

Answer 4

• Inaccessible from the public internet
• Accessible only from associated VPCs (from current account or other accounts)

Question 5

What instructions reside in authoritative DNS servers and provide information about a domain, including the associated IP address and how to handle requests for that domain?

Answer 5

DNS Records

Question 6

When creating a DNS record in Route 53, what configurations must be provided?

Answer 6

• Record Name (e.g., accounting.example.com),
• Record Type (e.g., A)
• Record Value (e.g. 229.44.81.208)
• TTL in seconds (e.g., 300)
• Routing Policy (e.g., simple routing)

Question 7

Which architectural approach allows the DNS server to respond differently to the same DNS query based on the source of the query (public or private)?

Answer 7

Split-view DNS

Hosted Zones (Public and Private) can mirror their records, but additional subdomains may only be accessible from VPCs associated with a Private Hosted Zone and not from the Public

Question 8

What is the difference between CNAME and ALIAS record types?

Answer 8

• CNAME maps a name to another name (e.g. www.example.com to example.com) and cannot be used for the apex domain (e.g. example.com)
• ALIAS is an AWS-specific record type used only in Route 53 that maps a name to an AWS resource (e.g. example.com to an Elastic Load Balancer, API Gateway, CloudFront, Elastic Beanstalk, Global Accelerator, S3), it can be used for the apex domain, incurs no additional cost, and is the default choice for routing traffic to AWS services

Question 9

What types of Route 53 Health Checks are available?

Answer 9

• Endpoint health check
• Calculated health check (monitors status of other health checks)
• State of CloudWatch alarms health check

Question 10

Are Route 53 Health Checks configured within Route 53 records?

Answer 10

Health Checks are configured separately but are used by Route 53 records

Question 11

Which Route 53 feature monitors the health and performance of web applications, web servers, and other resources?

Answer 11

Route 53 Health Checks

Question 12

How are Route 53 Health Checks performed, and how frequently?

Answer 12

Health checks are performed every 30 seconds (default), or every 10 seconds (with additional cost), by globally distributed health checkers

Question 13

Which protocols are supported for Route 53 Health Checks?

Answer 13

• TCP
• HTTP/HTTPS
• HTTP/HTTPS with String Matching

Question 14

What criteria does Route 53 use to determine if an endpoint is healthy?

Answer 14

An endpoint is considered healthy if 18% or more of health checkers report that the endpoint is healthy

Question 15

Does Route 53 return records that fail Health Checks?

Answer 15

No, unhealthy record is not returned in DNS queries, an SNS topic can be configured to trigger notifications when an endpoint is unhealthy

Question 16

What defines how DNS queries are directed to specific resources in AWS Route 53 based on factors like location, health checks, or traffic load?

Answer 16

Routing Policy

Question 17

Which Route 53 Routing Policy is used to direct traffic to a single resource, such as a web server?

Answer 17

Simple Routing policy

Question 18

What types of Routing Policies are available in Route 53?

Answer 18

• Simple Routing
• Failover Routing
• Multi-value Routing
• Weighted Routing
• Latency Routing
• Geolocation Routing
• Geoproximity Routing

Question 19

Name a Route 53 Routing Policy with the following characteristics:
- Can create records in a private hosted zone
- One record per name
- Each record can have multiple values returned in random order
- The client selects and uses one value
- Does not support health checks

Answer 19

Simple Routing Policy

Question 20

Which Route 53 routing policy is used for an active-passive failover configuration?

Answer 20

Failover Routing Policy

Question 21

Name a Route 53 Routing Policy with the following characteristics:
- Can create records in a private hosted zone
- Supports multiple records per name (primary and secondary)
- Includes health checks (typically on the primary record)
- Returns the secondary record if the primary record is unhealthy

Answer 21

Failover Routing Policy

Question 22

Which Route 53 Routing Policy responds to DNS queries with up to eight healthy randomly selected records?

Answer 22

Multi-value Routing Policy

Question 23

Name a Route 53 Routing Policy with the following characteristics:
- Can create records in a private hosted zone
- Functions like a combination of simple and failover routing
- Supports multiple records with the same name
- Each record returns a different value
- Each record can have an associated health check
- Returns up to 8 healthy records (randomly selected) to the client
- Aims to improve availability (typically used for active-active workloads)

Answer 23

Multi-value Routing Policy

Question 24

Which Route 53 Routing Policy is used to route traffic to multiple resources in specified proportions?

Answer 24

Weighted Routing Policy

Question 25

Name a Route 53 Routing Policy with the following characteristics: - Can create records in a private hosted zone - Supports multiple records with the same name - Each record can have an associated weight (total of 100) - Records with a weight of 0 are never returned (unless all records are set to 0) - Can be combined with health checks (the process is repeated until a healthy record is chosen) - Used for load balancing and testing new versions of software

Answer 25

Weighted Routing Policy

Question 26

Which Route 53 Routing Policy routes traffic to the resources that provide the lowest latency across multiple AWS Regions?

Answer 26

Latency Routing Policy

Question 27

Name a Route 53 Routing Policy with the following characteristics: - Can create records in a private hosted zone - Supports multiple records with the same name - Each record can be associated with an AWS Region - AWS maintains a database of latencies between different regions - The record with the lowest latency is selected and returned - Can be combined with health checks (returns a healthy record that provides the lowest latency) - Used to optimize performance and user experience

Answer 27

Latency Routing Policy

Question 28

Which Route 53 Routing Policy routes traffic based on users' locations?

Answer 28

Geolocation Routing Policy

Question 29

Name a Route 53 Routing Policy with the following characteristics: - Can create records in a private hosted zone - Each record is tagged with a location ISO code (country, continent, default) - IP checks verify the users' location (normally the resolver) - Returns relevant records (not necessarily the closest) - If no location matches, the default record is returned - If no default record is set, nothing is returned - Used to restrict content, enforce regional restrictions, provide language-specific content, and load balance across regional endpoints based on customer location

Answer 29

Geolocation Routing Policy

Question 30

Which Route 53 Routing Policy routes traffic based on the location of resources and can optionally shift traffic between resources in different locations?

Answer 30

Geoproximity Routing Policy

Question 31

Name a Route 53 Routing Policy with the following characteristics: - Can create records in a private hosted zone - Each record can be tagged with an AWS Region or coordinates - Directs user requests to the closest resources - Adding a "+" bias to rules increases the size of the region and decreases the size of neighboring regions

Answer 31

Geoproximity Routing Policy

Question 32

What DNS feature authenticates responses to domain name lookups, preventing attackers from manipulating or poisoning the responses, but does not provide privacy protections for those lookups?

Answer 32

Domain Name System Security Extensions (DNSSEC)

Question 33

What are the benefits of using DNSSEC?

Answer 33

- Origin authentication (data origin verification) - Data integrity protection (prevents data modification in transit) - Provides a cryptographically verifiable DNS chain of trust (from DNS root zone to DNS records) - Helps protect against poisoned DNS caches, which could return malicious IP addresses from DNS queries

Question 34

What is the resiliency posture of the AWS Route 53 service?

Answer 34

Route 53 is a Globally resilient service

Question 35

Which routing policy should be used in Route 53 to equally split requests between two load balancers in different regions?

Answer 35

Weighted routing policy, create two record sets, one for each load balancer, and assign equal weights of 1 to both