The answer is to create Route 53 failover records with health checks for the primary and secondary ALBs. This configuration is the only one that enables automatic cross-Region DNS failover because Route 53’s failover routing policy actively monitors endpoint health via health checks; when the primary endpoint’s health check fails, Route 53 instantly returns the secondary ALB’s IP address in DNS responses, rerouting traffic away from the unhealthy region. On the SAA-C03 exam, this scenario tests your understanding that failover routing is purpose-built for active-passive setups across Regions, while simple, weighted, or geolocation routing lack native health-based failover—a common trap is confusing weighted routing with failover. Remember the key distinction: failover routing is the only policy that pairs with health checks to automatically switch DNS traffic based on endpoint health, not just traffic distribution. A useful memory tip is “Failover = Health Check + Automatic Switch,” ensuring you choose it for any cross-Region disaster recovery scenario.
SAA-C03 Design Resilient Architectures Practice Question
This SAA-C03 practice question tests your understanding of design resilient architectures. The scenario asks you to isolate a root cause — eliminate options that address a different problem before choosing. After answering, compare your reasoning against the explanation and wrong-answer breakdown below. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.
Exhibit
Route 53 record set
Name: app.example.com
Type: A (Alias)
Routing policy: Simple
Alias target: alb-primary-123.us-east-1.elb.amazonaws.com
TTL: 60 seconds
Health check
ID: hc-44
Status: Inactive
Secondary environment
ALB target exists in us-west-2: alb-secondary-456.us-west-2.elb.amazonaws.com
Operational note
A Region outage should shift users to the secondary ALB without manual DNS changes.
Based on the exhibit, the company wants DNS traffic to fail over automatically from the primary Region to a secondary Region when the primary endpoint is unhealthy. Which Route 53 change is best?
Clue words in this question
Noticing these words before you look at the options changes how you read each choice.
Clue: "best"
Why it matters: Signals that multiple options may be partially correct. Choose the option that most directly solves the exact problem described, not the one that sounds most complete.
Clue: "primary"
Why it matters: Asks for the main purpose or function, not a secondary benefit. Eliminate answers that describe side-effects or partial functions.
Route 53 record set
Name: app.example.com
Type: A (Alias)
Routing policy: Simple
Alias target: alb-primary-123.us-east-1.elb.amazonaws.com
TTL: 60 seconds
Health check
ID: hc-44
Status: Inactive
Secondary environment
ALB target exists in us-west-2: alb-secondary-456.us-west-2.elb.amazonaws.com
Operational note
A Region outage should shift users to the secondary ALB without manual DNS changes.
A
Keep simple routing and lower the TTL to 10 seconds.
Why wrong: A lower TTL can make clients refresh cached answers sooner, but simple routing still returns only one endpoint and does not provide primary/secondary failover behavior. It does not automatically switch traffic to the standby Region when the primary becomes unhealthy.
B
Use weighted routing with equal weights for both ALBs.
Why wrong: Weighted routing is useful for traffic splitting or gradual migration, but it is not the same as health-based disaster recovery. Equal weights do not create a primary endpoint with an automatic standby that is used only on failure.
C
Use geolocation routing so users in each continent reach a closer ALB.
Why wrong: Geolocation routing makes decisions based on user location, not on endpoint health or Regional disaster recovery. It is not designed to shift all traffic away from an unhealthy primary Region.
D
Create Route 53 failover records with health checks for the primary and secondary ALBs.
Failover routing is the Route 53 policy intended for this use case. Route 53 returns the primary record while its health check passes, and automatically serves the secondary record when the primary health check fails. That provides DNS-based Regional failover without manual intervention.
Answer the question above first, then reveal the full breakdown to understand why each option is right or wrong.
Correct answer & explanation
✓
Create Route 53 failover records with health checks for the primary and secondary ALBs.
Route 53 failover routing with health checks is the only option that automatically directs DNS traffic away from an unhealthy primary endpoint to a healthy secondary endpoint. When the health check for the primary ALB fails, Route 53 returns the secondary ALB's IP address in DNS responses, providing automatic failover across regions. Simple, weighted, and geolocation routing do not natively support automatic failover based on endpoint health.
Key principle: Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.
Answer analysis
Option-by-option breakdown
For each option: why learners choose it and why it is or isn't the right answer here.
✗
Keep simple routing and lower the TTL to 10 seconds.
Why it's wrong here
A lower TTL can make clients refresh cached answers sooner, but simple routing still returns only one endpoint and does not provide primary/secondary failover behavior. It does not automatically switch traffic to the standby Region when the primary becomes unhealthy.
✗
Use weighted routing with equal weights for both ALBs.
Why it's wrong here
Weighted routing is useful for traffic splitting or gradual migration, but it is not the same as health-based disaster recovery. Equal weights do not create a primary endpoint with an automatic standby that is used only on failure.
✗
Use geolocation routing so users in each continent reach a closer ALB.
Why it's wrong here
Geolocation routing makes decisions based on user location, not on endpoint health or Regional disaster recovery. It is not designed to shift all traffic away from an unhealthy primary Region.
✓
Create Route 53 failover records with health checks for the primary and secondary ALBs.
Why this is correct
Failover routing is the Route 53 policy intended for this use case. Route 53 returns the primary record while its health check passes, and automatically serves the secondary record when the primary health check fails. That provides DNS-based Regional failover without manual intervention.
Clue confirmation
The clue words "best", "primary" in the question point toward this answer.
Related concept
Read the scenario before looking for a memorised answer.
Common exam traps
Common exam trap: answer the scenario, not the keyword
The trap here is that candidates often confuse weighted routing with failover, assuming equal weights will somehow cause automatic failover, but weighted routing does not consider health status and requires manual intervention to shift traffic.
Detailed technical explanation
How to think about this question
Route 53 failover records work by associating each record with a health check that monitors the endpoint (e.g., ALB). When the primary record's health check fails, Route 53 removes that record from DNS responses and returns only the secondary record's value. The health check interval and failure threshold (e.g., 30 seconds with 3 consecutive failures) determine failover speed, and you can use a 'primary' and 'secondary' set with the same DNS name to achieve active-passive failover across regions.
KKey Concepts to Remember
Read the scenario before looking for a memorised answer.
Find the constraint that changes the correct option.
Eliminate answers that are true in general but not in this case.
TExam Day Tips
→Watch for words such as best, first, most likely and least administrative effort.
→Review why wrong options are wrong, not only why the correct option is correct.
Key takeaway
Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.
Real-world example
How this comes up in practice
A cloud solutions architect for a retail company is evaluating services for a new workload. The correct answer here reflects best practice for the specific scenario described — not a general cloud recommendation. Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option. Cloud exam questions reward reading the constraint carefully: the same technology can be right or wrong depending on the use case.
What to study next
Got this wrong? Here's your next step.
Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.
Design Resilient Architectures — This question tests Design Resilient Architectures — Read the scenario before looking for a memorised answer..
What is the correct answer to this question?
The correct answer is: Create Route 53 failover records with health checks for the primary and secondary ALBs. — Route 53 failover routing with health checks is the only option that automatically directs DNS traffic away from an unhealthy primary endpoint to a healthy secondary endpoint. When the health check for the primary ALB fails, Route 53 returns the secondary ALB's IP address in DNS responses, providing automatic failover across regions. Simple, weighted, and geolocation routing do not natively support automatic failover based on endpoint health.
What should I do if I get this SAA-C03 question wrong?
Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.
Are there clue words in this question I should notice?
Yes — watch for: "best", "primary". Signals that multiple options may be partially correct. Choose the option that most directly solves the exact problem described, not the one that sounds most complete.
What is the key concept behind this question?
Read the scenario before looking for a memorised answer.
About these practice questions
Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content. Learn why practice questions differ from exam dumps →
These questions test the same concept from different angles. Work through them to make sure you can recognise it however the exam phrases it.
Variation 1. A company hosts an internal API in two AWS Regions. Traffic must automatically switch to the secondary Region when the primary Region's endpoint is unhealthy. Which two Route 53 settings are required? Select two.
easy
✓ A.Use a failover routing policy for the DNS record.
✓ B.Configure a health check for the primary endpoint.
C.Use geolocation routing so users are always sent to the closest Region.
D.Use a private hosted zone to expose the API to the internet.
E.Set the TTL to zero and skip health checks to make failover faster.
Why A: A failover routing policy is required because it allows Route 53 to automatically route traffic from a primary resource to a secondary resource when the primary is unhealthy. This is the only routing policy that supports active-passive failover across two AWS Regions. Without this policy, Route 53 would not know which endpoint to consider primary or how to switch traffic upon failure.
Variation 2. Your public API is hosted in two regions. You want Route 53 to automatically send traffic to the secondary region when the primary region’s endpoint fails. The primary API health check is returning failure codes, but clients still reach the primary region for several minutes. Which Route 53 configuration most directly addresses this behavior?
medium
A.Use a single Alias A record with simple routing and a short TTL so Route 53 quickly changes the IP address.
✓ B.Use Route 53 failover routing with a primary record and a secondary record, each associated with its own health check, so Route 53 answers with the healthy region.
C.Use weighted routing to send a small percentage of traffic to the secondary region, increasing it manually when the primary fails.
D.Use latency routing only, letting Route 53 choose the lowest-latency region at query time, without health checks.
Why B: Option B is correct because Route 53 failover routing with health checks on both primary and secondary records ensures that when the primary health check fails, Route 53 stops returning the primary record's IP and instead returns the secondary record's IP. This directly addresses the observed behavior where clients still reach the primary region for several minutes—likely because the primary record's health check was not configured or associated, or a simple routing policy was used without health check integration, causing stale DNS responses to be served until TTL expires.
Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.
This SAA-C03 practice question is part of Courseiva's free Amazon Web Services certification practice question bank. Courseiva provides original exam-style practice questions with explanations, topic-based practice, mock exams, readiness tracking, and study analytics to help learners prepare for the SAA-C03 exam.
Question Discussion
Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.
Sign in to join the discussion.