Q85 — AWS DOP-C02 Ch.2

Question 85 of 100 | ← Chapter 2

A company needs to implement failover for its application. The application includes an Amazon CloudFront distribution and an Application Load Balancer (ALB) in a primary Region. The company has configured the ALB as the default origin for the distribution. Following recent application outages, the company requires zero-second RTO. The application is deployed to a warm standby configuration in a secondary Region. Architects need to automate failover to the secondary Region so HTTP requests meet the required RTO.

Correct Answer: B. Add a new origin to the existing distribution, setting the primary ALB as the origin. Configure origin group failure for HTTP 5xx status codes. Update the default cache behavior to use the origin group.

Explanation

Achieving zero-second RTO requires immediate, DNS-level failover coordinated with health monitoring. Option C configures Amazon Route 53 with a failover routing policy and health checks against both ALBs, with TTL=0 ensuring near-instant DNS propagation upon health failure. Route 53 automatically routes traffic to the healthy ALB, meeting zero-second RTO for HTTP requests. Option A incorrectly uses CloudFront distributions as targets — Route 53 health checks cannot evaluate CloudFront distribution health directly; they must target ALBs or other endpoints. Option B uses origin groups, which provide origin-level redundancy but do not route traffic away from the primary Region — failover remains within the same Region. Option D uses CloudFront Functions for redirection, introducing latency and browser-side redirects, violating zero-second RTO and breaking transparent failover.