Inspecting Network Packets to Identify Application Errors - AWS Certified Security - Specialty Exam Preparation

Addressing Application Issues: Network Packet Inspection

Question

Your company has an EC2 Instance hosted in AWS.

This EC2 Instance hosts an application.

Currently, this application is experiencing several issues.

You need to inspect the network packets to find what type of error is occurring.

Which one of the below steps can help address this issue?

Answers

Explanations


Answer - B.

Since you need to sniff the actual network packets here, the ideal approach would be to use a network monitoring tool provided by an AWS partner.

Options A and D are incorrect because these services cannot be used for packet inspection.

Option C is incorrect because “promiscuous mode” is not supported in AWS.

For more information on VPC security capabilities, please visit the URL below:

https://aws.amazon.com/answers/networking/vpc-security-capabilities/

Out of the given options, option C is the most appropriate one for inspecting network packets to find the type of error occurring.

Option A: AWS CloudTrail captures API activity and generates log files to help track changes to resources, but it doesn't capture network packets. Therefore, it's not useful for inspecting network packets.

Option B: AWS offers several network monitoring tools, such as Amazon VPC Flow Logs, which capture information about the IP traffic going to and from network interfaces in an Amazon VPC. However, these tools do not capture the full network packets, which are needed to perform detailed packet analysis.

Option C: This option involves setting up a secondary instance and configuring it to be in "promiscuous mode", meaning the instance captures all traffic passing through the network interface, including packets not addressed to the instance itself. This can be done with tools such as tcpdump, Wireshark, or tshark. Once the packets are captured, the analyst can use packet analysis tools to inspect them and identify the issues with the application. This option provides a detailed analysis of the network packets, making it the most suitable for the task.

Option D: CloudWatch metrics provide information on the performance of AWS resources and applications. While they are useful for monitoring metrics related to EC2 instances, they don't provide details on network packets or on the types of errors occurring.

In conclusion, option C is the most appropriate option to inspect network packets and identify the type of error occurring in the application hosted on the EC2 instance.