Amazon Route 53

What is DNS?
  • The Domain Name System (DNS) is a name resolution service on a TCP/IP network.
  • It is an application-layer protocol that defines how applications running on different systems pass messages to each other.
  • DNS stands for Domain Name System.
  • DNS provides a mapping between the name of a host (on the network) and its address.
  • DNS is required for the functioning of the internet.
  • DNS is a service that translates domain names into IP addresses.
  • It applies to both IP version 4 and IP version 6.
  • A DNS zone is related to a DNS domain name, e.g. cloudvikas.com.
  • The DNS zone refers to the configuration of the
    • DNS records,
    • DNS domain name, and
    • DNS server that has control over those records within that zone.

What is TTL or The time to live in DNS?

DNS TTL (time to live) is a setting that tells a DNS resolver how long it may cache an answer before it must request a fresh one. The record's information stays in the cache of the recursive or local resolver for the length of the TTL before the resolver reaches back out to collect new, updated details.

  • Example: when a client queries its configured DNS server to resolve a name to an IP address and the server completes the name resolution successfully, the server caches the result for a period of time. That period of time is called the TTL, or time to live.
  • We recommend a TTL of 24 hours (86,400 seconds). However, if you are planning to make DNS changes, you can lower the TTL to 5 minutes (300 seconds) at least 24 hours in advance of making the changes.

Question: You need to allow inbound DNS client queries to a VPC subnet. Which port should you allow in the Network ACL rule?

Ans – 53

Question: Which type of DNS record routing rule allows sending a percentage of traffic to a specific host?

Ans – Weighted

Question: You are registering a new DNS domain through Route 53. What must you supply when registering the domain?

Ans – Contact details

Question: Which records exist automatically in a new hosted DNS zone?

Ans – NS and SOA

Question: Which of the following statements is correct? Choose two.

  • Security group rules have a priority number
  • Security groups are associated with EC2 instances
  • Network ACL rules have a priority number
  • Network ACLs are associated with subnets

Ans – Network ACL rules have a priority number; Network ACLs are associated with subnets

Question: You are using the AWS management console to create a new Network ACL. What must the ACL be associated with?

Ans – VPC

Question: You have created a network ACL. You now need to create ACL rules using the CLI. Which command should you use?

Ans – aws ec2 create-network-acl-entry

Question: Which PowerShell statement is used to create a Network ACL?

Ans – New-EC2NetworkAcl -VpcId

Question: Which AWS objects can Elastic IPs be associated with?

Ans – Instance and Network interface

Question: You are using the AWS management console to create a new Security Group. What must the security group be associated with?

Ans – VPC

Question: Which CLI command is used to list AWS Security Groups?

Ans – aws ec2 describe-security-groups

Question: We need to allow port 3389 traffic to pass into an EC2 instance. Which PowerShell cmdlet should we use to modify the security group associated with the instance?

Ans – Grant-EC2SecurityGroupIngress

Question: Which term best describes the role of an AWS Internet Gateway?

Ans – Pass-through

Question: You have created an Internet Gateway in VPC1, yet EC2 instances in VPC1 subnets cannot reach the Internet. What should you do?

Ans – Add a route from the subnets

Question: Which term best describes the role of an AWS NAT Gateway?

Ans – Proxy

Question: Which two items must a new NAT gateway be associated with?

Ans – Elastic IP and Subnet