Why This Cheat Sheet Matters for ANS-C01
This cheat sheet covers the most important Route 53 & DNS concepts tested on the ANS-C01 (AWS Advanced Networking Specialty) certification exam. It contains 4 sections with 19 key points that you should memorize before exam day. Master DNS routing policies, health checks, failover, DNSSEC, private hosted zones, resolver endpoints, hybrid DNS, and traffic flow. Use this as a quick-reference guide during your final review sessions.
4Sections
19Key Points
Routing Policies
- Simple: single value, no health check
- Weighted: distribute traffic by weight (0–255)
- Latency: route to lowest-latency region
- Failover: primary/secondary with health checks
- Geolocation: route by continent/country/state
- Geoproximity: route by geographic distance with bias
- Multivalue answer: up to 8 healthy records (not a load balancer substitute)
Health Checks
- Endpoint: HTTP/HTTPS/TCP to IP or domain (10 or 30 sec interval)
- Calculated: combine child health checks (AND/OR logic)
- CloudWatch alarm: monitor metrics-based health
- Threshold: configurable failure count (default 3/10 checkers)
Hybrid DNS (Resolver)
- Inbound endpoint: on-prem resolves AWS private zones → ENIs in VPC
- Outbound endpoint: AWS resolves on-prem domains → forwards to on-prem DNS
- Forwarding rules: conditional forwarding by domain name
- Share rules via RAM across accounts in Organization
DNSSEC
- Signing: Route 53 signs hosted zone with KSK + ZSK
- Chain of trust: DS record in parent zone validates child
- Key management: CMK in KMS for KSK, Route 53 manages ZSK
- Enable per hosted zone — cannot partial-enable
Practice Route 53 Questions
Put your knowledge to the test with practice questions.