AWS Certified Advanced Networking – Specialty ANS-C00 – Question374

A company's network engineer needs to evaluate and monitor DNS traffic. The company uses Amazon
Route 53 as the DNS service for its public hosted zone. All DNS queries must be captured for future analysis.
What should the network engineer do to meet these requirements?

A.
Use AWS WAF to log information to Amazon CloudWatch Logs about the queries that Route 53 receives.
B. Use VPC Flow Logs to log information to Amazon CloudWatch Logs Insights about the queries that Route 53 receives.
C. Use Route 53 query logging to log information to Amazon CloudWatch Logs about the queries that Route 53 receives.
D. Use AWS CloudTrail to log information to Amazon CloudWatch Logs Insights about the queries that Route 53 receives.