Question 1,624 of 1,705
Network DesignhardMultiple ChoiceObjective-mapped

Quick Answer

The answer is the combined delay from the health check failure detection and DNS caching. Route 53 health checks are configured to test every 30 seconds and require three consecutive failures to mark an endpoint unhealthy, creating a 90-second detection window. During this time, Route 53 continues returning the us-east-1 ALB IP, and client DNS resolvers cache that IP for the 60-second TTL, so even after the failure is detected, cached records cause continued timeouts. This question tests your understanding of how health check intervals, failure thresholds, and DNS TTLs interact during regional failover scenarios on the ANS-C01 exam. A common trap is assuming latency routing instantly redirects traffic, but the real bottleneck is the time needed to mark the endpoint unhealthy plus the lingering DNS cache. Remember the 3-30-60 rule: three failures at 30-second intervals plus a 60-second TTL means over two minutes of potential timeout before traffic shifts.

ANS-C01 Network Design Practice Question

This ANS-C01 practice question tests your understanding of network design. This is a configuration task: choose the command set that satisfies every stated requirement. Small differences — like 'secret' vs 'password' or 'transport input ssh' vs 'all' — change whether the answer is correct. After answering, compare your reasoning against the explanation and wrong-answer breakdown below. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.

A company is running a multi-tier web application across two AWS Regions (us-east-1 and eu-west-1) for disaster recovery. The application uses an Application Load Balancer (ALB) in each Region. The company uses Amazon Route 53 with latency-based routing to direct traffic to the closest Region. Recently, during a regional failure in us-east-1, users experienced timeouts instead of being redirected to eu-west-1. The DNS TTL is set to 60 seconds. The Route 53 health checks for the us-east-1 ALB are configured to check the HTTP endpoint every 30 seconds with 3 consecutive failures required to mark it unhealthy. The eu-west-1 ALB is healthy. The company's network design includes a VPC in each Region with public and private subnets. The ALBs are internet-facing and have proper security groups. The Route 53 records are configured correctly. What is the MOST likely cause of the timeout?

Clue words in this question

Noticing these words before you look at the options changes how you read each choice.

  • Clue: "most likely"

    Why it matters: Probability qualifier — the question wants the most probable cause or outcome, not a guaranteed one. Eliminate low-probability options.

Question 1hardmultiple choice
Read the full DNS explanation →

Answer choices

Why each option matters

Answer the question above first, then reveal the full breakdown to understand why each option is right or wrong.

Correct answer & explanation

The health check interval and failure threshold cause a delay in detecting the failure, and DNS caching causes clients to still resolve to the unhealthy endpoint.

Option A is correct. Health checks check the endpoint every 30 seconds, and require 3 consecutive failures to mark unhealthy. This means it takes 90 seconds (30s * 3) to detect failure. During that time, Route 53 continues to return the us-east-1 ALB IP, and users' DNS resolvers cache the IP for the TTL of 60 seconds. Therefore, even after the health check marks the endpoint unhealthy, some users may still have the cached IP and experience timeouts. Option B is incorrect because latency-based routing would automatically shift traffic to eu-west-1 when us-east-1 is unhealthy. Option C is incorrect because the ALB is internet-facing and should be accessible from other regions. Option D is incorrect because Route 53 health checks can check endpoints across regions.

Key principle: Count usable hosts — not total addresses — and remember that the network and broadcast addresses are not available to hosts in standard IPv4 subnets.

Answer analysis

Option-by-option breakdown

For each option: why learners choose it and why it is or isn't the right answer here.

  • The latency-based routing policy does not fail over to the other region when a health check fails.

    Why it's wrong here

    Latency-based routing with health checks does fail over to healthy endpoints.

  • The ALB in us-east-1 is not configured to be cross-zone load balancing, causing it to fail.

    Why it's wrong here

    Cross-zone load balancing is irrelevant to regional failure.

  • The health check interval and failure threshold cause a delay in detecting the failure, and DNS caching causes clients to still resolve to the unhealthy endpoint.

    Why this is correct

    The health check takes up to 90 seconds to mark unhealthy, and DNS TTL of 60 seconds extends the impact.

    Clue confirmation

    The clue word "most likely" in the question point toward this answer.

    Related concept

    CIDR notation defines the prefix length.

  • The Route 53 health check is not able to reach the ALB in us-east-1 from eu-west-1 due to network ACLs.

    Why it's wrong here

    Health checks come from Route 53 health checkers, which are allowed by default.

Common exam traps

Common exam trap: usable hosts are not the same as total addresses

Subnetting questions often tempt you into counting all addresses. In normal IPv4 subnets, the network and broadcast addresses are not usable host addresses.

Detailed technical explanation

How to think about this question

Subnetting questions test whether you can identify the network, broadcast address, usable range, mask and correct subnet. Slow down enough to calculate the block size correctly.

KKey Concepts to Remember

  • CIDR notation defines the prefix length.
  • Block size helps identify subnet boundaries.
  • Network and broadcast addresses are not usable hosts in normal IPv4 subnets.
  • The required host count determines the smallest suitable subnet.

TExam Day Tips

  • Write the block size before choosing the subnet.
  • Check whether the question asks for hosts, subnets or a specific address range.
  • Do not confuse /24, /25, /26 and /27 host counts.

Key takeaway

Count usable hosts — not total addresses — and remember that the network and broadcast addresses are not available to hosts in standard IPv4 subnets.

Real-world example

How this comes up in practice

A media company stores terabytes of video archives that are accessed once a year for audit purposes. Moving these objects to a cold storage tier (Azure Archive, S3 Glacier, or Google Nearline) costs a fraction of hot storage. Questions like this test whether you understand storage tiers, access frequency tradeoffs, and retrieval latency requirements.

What to study next

Got this wrong? Here's your next step.

Review block sizes, usable host formulas (2^n − 2), and how to find network and broadcast addresses for /24 through /30. Then practise related ANS-C01 subnetting questions on CIDR, address ranges, and subnet selection.

Related practice questions

Related ANS-C01 practice-question pages

Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.

Practice this exam

Start a free ANS-C01 practice session

Short sessions build daily habit. Longer sessions build exam-day stamina. Try a timed session to simulate real conditions.

FAQ

Questions learners often ask

What does this ANS-C01 question test?

Network Design — This question tests Network Design — CIDR notation defines the prefix length..

What is the correct answer to this question?

The correct answer is: The health check interval and failure threshold cause a delay in detecting the failure, and DNS caching causes clients to still resolve to the unhealthy endpoint. — Option A is correct. Health checks check the endpoint every 30 seconds, and require 3 consecutive failures to mark unhealthy. This means it takes 90 seconds (30s * 3) to detect failure. During that time, Route 53 continues to return the us-east-1 ALB IP, and users' DNS resolvers cache the IP for the TTL of 60 seconds. Therefore, even after the health check marks the endpoint unhealthy, some users may still have the cached IP and experience timeouts. Option B is incorrect because latency-based routing would automatically shift traffic to eu-west-1 when us-east-1 is unhealthy. Option C is incorrect because the ALB is internet-facing and should be accessible from other regions. Option D is incorrect because Route 53 health checks can check endpoints across regions.

What should I do if I get this ANS-C01 question wrong?

Review block sizes, usable host formulas (2^n − 2), and how to find network and broadcast addresses for /24 through /30. Then practise related ANS-C01 subnetting questions on CIDR, address ranges, and subnet selection.

Are there clue words in this question I should notice?

Yes — watch for: "most likely". Probability qualifier — the question wants the most probable cause or outcome, not a guaranteed one. Eliminate low-probability options.

What is the key concept behind this question?

CIDR notation defines the prefix length.

About these practice questions

Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content. Learn why practice questions differ from exam dumps →

How Courseiva writes practice questions · Editorial policy

Same concept, more angles

1 more ways this is tested on ANS-C01

These questions test the same concept from different angles. Work through them to make sure you can recognise it however the exam phrases it.

Variation 1. A company is deploying a critical application across three AWS Regions using an active-active architecture with Amazon Route 53 latency-based routing. Each region has an Application Load Balancer (ALB) as the endpoint. The application health checks are configured to check the /health endpoint every 10 seconds. During a regional failure, some users experience timeouts while others are redirected correctly. What is the most likely cause?

hard
  • A.Route 53 health checkers take multiple intervals to detect failure, and timeouts occur before failover completes.
  • B.The ALB health check is misconfigured and returns a non-200 status code during normal operation.
  • C.The TTL on the Route 53 record is set too low, causing stale DNS responses.
  • D.Users have cached DNS records from the failed region, and Route 53 does not return healthy endpoints.

Why A: Route 53 health checkers operate from multiple global locations and evaluate the /health endpoint every 10 seconds. However, to declare an endpoint unhealthy, Route 53 requires a configurable number of consecutive failures (default is 3), meaning it can take 30 seconds or more before the DNS record is updated to remove the failed region. During this detection window, some users whose DNS queries are answered by Route 53 before the failure is fully propagated may receive the IP of the failing ALB, leading to timeouts, while others who query after the failover complete successfully.

Last reviewed: Jun 20, 2026

Question Discussion

Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.

Loading comments…

Sign in to join the discussion.

This ANS-C01 practice question is part of Courseiva's free Amazon Web Services certification practice question bank. Courseiva provides original exam-style practice questions with explanations, topic-based practice, mock exams, readiness tracking, and study analytics to help learners prepare for the ANS-C01 exam.