A financial company is designing a secure AWS network architecture to support a hybrid cloud strategy. Systems deployed in the AWS Cloud are mission critical and have strict availability requirements. The company anticipates the need for hundreds of VPCs. Instances will be transient and rely heavily on DNS resolution. The applications must be designed to have Availability Zone isolation and tolerate the loss of an Availability Zone. What is the MOST reliable way to implement DNS in this scenario?
A) Create a new DHCP options set with DNS settings with on-premises DNS servers that traverse an AWS Direct Connect connection.
B) Create private hosted zones and share them with each VPC. Use Amazon Route 53 Resolver for hybrid DNS.
C) Modify the default DHCP options set with a fleet of proxy DNS servers that are deployed in each VPC.
D) Create a fleet of DNS proxy servers in a central VPC. Share the proxy fleet with each VPC using AWS PrivateLink.

Question

Quizplus · Accepted Answer

The Answer of A financial company is designing a secure AWS network architecture to support a hybrid cloud strategy. Systems deployed in the AWS Cloud are mission critical and have strict availability requirements. The company anticipates the need for hundreds of VPCs. Instances will be transient and rely heavily on DNS resolution. The applications must be designed to have Availability Zone isolation and tolerate the loss of an Availability Zone. What is the MOST reliable way to implement DNS in this scenario?
A) Create a new DHCP options set with DNS settings with on-premises DNS servers that traverse an AWS Direct Connect connection.
B) Create private hosted zones and share them with each VPC. Use Amazon Route 53 Resolver for hybrid DNS.
C) Modify the default DHCP options set with a fleet of proxy DNS servers that are deployed in each VPC.
D) Create a fleet of DNS proxy servers in a central VPC. Share the proxy fleet with each VPC using AWS PrivateLink.

A Financial Company Is Designing a Secure AWS Network Architecture