AWS Certified Advanced Networking Specialty Practice Exam

For a company using Route 53 Resolver with hybrid connectivity, what is required to log DNS traffic originating from the AWS Cloud?

  1. Enable CloudTrail logging

  2. Configure Route 53 Resolver query logging

  3. Use AWS Config

  4. Create flow logs for the VPC

The correct answer is: Configure Route 53 Resolver query logging

To log DNS traffic originating from the AWS Cloud when using Route 53 Resolver with hybrid connectivity, Route 53 Resolver query logging must be configured. This feature captures and stores detailed DNS query information, including the source IP address of the query, the query itself, and the time of the query. With query logging enabled, the logs can be sent to an S3 bucket, which facilitates further analysis and troubleshooting of your DNS traffic.

The other options do not capture DNS queries. CloudTrail logging records API calls and actions taken on AWS services rather than DNS queries themselves. AWS Config monitors and records AWS resource configurations, providing compliance and auditing capabilities, but it does not log DNS queries. VPC flow logs capture information about the IP traffic going to and from network interfaces within your VPC, but they do not provide details of DNS queries made through Route 53.

Therefore, to achieve detailed logging of DNS queries, configuring Route 53 Resolver query logging is the correct approach, ensuring you capture relevant data about DNS traffic for compliance and analysis.