AWS Certified Advanced Networking – Specialty ANS-C00 – Question077

A network engineer is deploying an application on an Amazon EC2 instance. The instance is reachable within the VPC through its private IP address and from the internet using an Elastic IP address. Clients are connecting to the instance over the internet and within the VPC, and the application needs to be identified by a single custom Fully Qualified Domain Name that is publicly resolvable: "app.example.com".
Instances within the VPC should always connect to the private IP to minimize data transfer costs.
How should the engineer configure DNS to support these requirements?

A. Use Amazon Route 53 to create a geo-based routing entry for the hostname "app" in the DNS zone "example.com".
B. Create two A record entries for "app" in the DNS zone "example.com", one for the public IP and one for the private IP.
C. Use Route 53 to create an ALIAS record to the public DNS name for the instance.
D. Create a CNAME for "app" in the DNS zone "example.com" to the public DNS name for the Amazon EC2 instance.

Correct Answer: D