he Domain Name System and Network Routing: Amazon Route 53 and Amazon CloudFront

Question 1

Which of the following describes the function of a name server?
Translating human‐readable domain names into IP addresses
Registering domain names with ICANN
Registering domain names with VeriSign
Applying routing policies to network packets

Answer 1

A. Option A is the correct answer. Name servers resolve IP addresses from domain names, allowing clients to connect to resources. Domain registration is performed by domain name registrars. Routing policies are applied through record sets within hosted zones.

Question 2

Your organization is planning a new website and you’re putting together all the pieces of information you’ll need to complete the project. Which of the following describes a domain?
An object’s FQDN
Policies controlling the way remote requests are resolved
One or more servers, data repositories, or other digital resources identified by a single domain name
A label used to direct network requests to a domain’s resources

Answer 2

C. A domain is a set of resources identified by a single domain name. FQDN stands for fully qualified domain name. Policies for resolving requests are called routing policies.

Question 3

You need to decide which kind of website name will best represent its purpose. Part of that task will involve choosing a top‐level domain (TLD). Which of the following is an example of a TLD?
amazon.com/documentation/
aws.
amazon.
.com

Answer 3

D. The rightmost section of an FQDN address is the TLD. aws. would be a subdomain or host, amazon. is the SLD, and amazon.com/documentation/ points to a resource stored at the web root of the domain server.

Question 4

Which of the following is the name of a record type— as used—in a zone file?
CNAME (canonical name)
TTL (time to live)
Record type
Record data

Answer 4

A. CNAME is a record type. TTL, record type, and record data are all configuration elements, not record types.

Question 5

Which of the following DNS record types should you use to associate a domain name with an IP address?
NS
SOA
A
CNAME

Answer 5

C. An A record maps a hostname to an IPv4 address. NS records identify name servers. SOA records document start of authority data. CNAME records define one hostname as an alias for another.

Question 6

Which of the following are services provided by Amazon Route 53? (Choose three.)
Domain registration
Content delivery network
Health checks
DNS management
Secure and fast direct network connections to an AWS VPC

Answer 6

A, C, D. Route 53 provides domain registration, health checks, and DNS management. Content delivery network services are provided by CloudFront. Secure and fast network connections to a VPC can be created using AWS Direct Connect.

Question 7

For regulatory compliance, your application may only provide data to requests coming from the United States. Which of the following routing policies can be configured to do this?
Simple
Latency
Geolocation
Multivalue

Answer 7

C. Geolocation can control routing by the geographic origin of the request. The simple policy sends traffic to a single resource. Latency sends content using the fastest origin resource. Multivalue can be used to make a deployment more highly available.

Question 8

Your web application is hosted within multiple AWS regions. Which of the following routing policies will ensure the fastest possible access for your users?
Latency
Weighted
Geolocation
Failover

Answer 8

A. Latency selects the available resource with the lowest latency. Weighted policies route among multiple resources by percentage. Geolocation tailors request responses to the end user’s location but isn’t concerned with response speed. Failover incorporates backup resources for higher availability.

Question 9

You’re testing three versions of a new application, with each version running on its own server and the current production version on a fourth server. You want to route 5 percent of your total traffic to each of the test servers and route the remaining 85 percent of traffic to the production server. Which routing policy will you use?
Failover
Weighted
Latency
Geolocation

Answer 9

B. Weighted policies route among multiple resources by percentage. Failover incorporates backup resources for higher availability. Latency selects the available resource with the lowest latency. Geolocation tailors request responses to the end user’s location.

Question 10

You have production infrastructure in one region sitting behind one DNS domain, and for disaster recovery purposes, you have parallel infrastructure on standby in a second AWS region behind a second domain. Which routing policy will automate the switchover in the event of a failure in the production system?
Latency
Weighted
Geolocation
Failover

Answer 10

D. Failover incorporates backup resources for higher availability. Latency selects the available resource with the lowest latency. Weighted policies route among multiple resources by percentage. Geolocation tailors request responses to the end user’s location.

Question 11

Which of the following kinds of hosted zones are real options within Route 53? (Choose two.)
Public
Regional
VPC
Private
Hybrid

Answer 11

A, D. Public and private hosting zones are real options. Regional, hybrid, and VPC zones don’t exist (although private zones do map to VPCs).

Question 12

Which of the following actions will you need to perform to transfer a domain from an external registrar to Route 53? (Choose two.)
Unlock the domain transfer setting on the external registrar admin page.
Request an authorization code from the external registrar.
Copy the name server addresses from Route 53 to the external registrar admin page.
Create a hosted zone CNAME record set.

Answer 12

A, B. To transfer a domain, you’ll need to make sure the domain isn’t set to locked. You’ll also need an authorization code that you’ll provide to Route 53. Copying name server addresses is necessary only for managing domains that are hosted on but not registered with Route 53. CNAME record sets are used to define one hostname as an alias for another.

Question 13

Which of the following actions will you need to perform to use Route 53 to manage a domain that’s being hosted on an external registrar?
Request an authorization code from the external registrar.
Copy the name server addresses from Route 53 to the external registrar admin page.
Create a hosted zone CNAME record set.
Unlock the domain transfer setting on the external registrar admin page.

Answer 13

B. You can enable remotely registered domains on Route 53 by copying name server addresses into the remote registrar‐provided interface (not the other way around). Making sure the domain isn’t set to locked and requesting authorization codes are used to transfer a domain to Route 53, not just to manage the routing. CNAME record sets are used to define one hostname as an alias for another.

Question 14

Your multiserver application has been generating quality‐related complaints from users and your logs show some servers are underused and others have been experiencing intermittent failures. How do Route 53 health checks test for the health of a resource so that a failover policy can direct your users appropriately?
It periodically tries to load the index.php page.
It periodically tries to load the index.html page.
It periodically tries to load a specified web page.
It periodically tries to log into the resource using SSH.

Answer 14

C. You specify the web page that you want used for testing when you configure your health check. There is no default page. Remote SSH sessions would be impossible for a number of reasons and wouldn’t definitively confirm a running resource in any case.

Question 15

Which of the following most accurately describes the difference between geolocation and geoproximity routing policies?

Geoproximity policies specify geographic areas by their relationship either to a particular longitude and latitude or to an AWS region, whereas geolocation policies use the continent, country, or U.S. state where the request originated to decide what resource to send.

Geolocation policies specify geographic areas by their relationship either to a particular longitude and latitude or to an AWS region, whereas geoproximity policies use the continent, country, or U.S. state where the request originated to decide what resource to send.

Geolocation policies will direct traffic to the resource you identify as primary as long as health checks confirm that that resource is running properly, whereas geoproximity policies allow you to deliver web pages in customer‐appropriate languages.

Geolocation policies use a health check configuration routing to make a deployment more highly available, whereas geoproximity policies leverage resources running in multiple AWS regions to provide service to clients from the instances that will deliver the best experience.

Answer 15

A. Geoproximity is about precisely pinpointing users, whereas geolocation uses geopolitical boundaries.

Question 16

Which of the following are challenges that CloudFront is well positioned to address? (Choose two.)
A heavily used website providing media downloads for a global audience
An S3 bucket with large media files used by workers on your corporate campus
A file server accessed through a corporate VPN
A popular website with periodically changing content

Answer 16

A, D. CloudFront is optimized for handling heavy download traffic and for caching website content. Users on a single corporate campus or accessing resources through a VPN will not benefit from the distributed delivery provided by CloudFront.

Question 17

Which of the following is not a permitted origin for a CloudFront distribution?
Amazon S3 bucket
AWS MediaPackage channel endpoint
API Gateway endpoint
Web server

Answer 17

C. API Gateway is used to generate custom client SDKs for your APIs to connect your backend systems to mobile, web, and server applications or services.

Question 18

What’s the best way to control the costs your CloudFront distribution incurs?
Select a price class that maintains copies in only a limited subset of CloudFront’s edge locations.
Configure a custom SSL certificate to restrict access to HTTPS requests only.
Disable the use of Alternate Domain Names (CNAMES) for your distribution.
Enable Compress Objects Automatically for your distribution.

Answer 18

A. Choosing a price class offering limited distribution is the best way to reduce costs. Non‐HTTPS traffic can be excluded (thereby saving some money) but not through the configuration of an SSL certificate (you’d need further configuration). Disabling Alternate Domain Names or enabling Compress Objects Automatically won’t reduce costs.

Question 19

Which of the following is not a direct benefit of using a CloudFront distribution?
User requests from an edge location that’s recently received the same request will be delivered with lower latency.
CloudFront distributions can be directly mapped to Route 53 hosted zones.
All user requests will be delivered with lower latency.
You can incorporate free encryption certificates into your infrastructure.

Answer 19

C. Not every CloudFront distribution is optimized for low‐latency service. Requests of an edge location will only achieve lower latency after copies of your origin files are already cached. Therefore, a response to the first request might not be fast because CloudFront still has to copy the file from the origin server.

Question 20

Which of the following content types is the best fit for a Real‐Time Messaging Protocol (RTMP) distribution?
Amazon Elastic Transcoder–based videos
S3‐based videos
Streaming videos
A mix of text and media‐rich digital content