Capture Outgoing and Incoming IP Traffic in VPC | Exam CLF-C01 Answer

Capture Information for Outgoing and Incoming IP Traffic in a VPC

Question

Your company has set up EC2 Instances in a VPC for their application.

The IT Security department has advised that all traffic to the EC2 Instances be monitored.

Which of the following features can be used to capture information for outgoing and incoming IP traffic from network interfaces in a VPC?

Answers

A. AWS CloudWatch
B. AWS EC2
C. AWS SQS
D. AWS VPC Flow Logs

Explanations

Correct Answer: D.

The AWS Documentation mentions the following:

VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC.

Flow log data can be published to Amazon CloudWatch Logs and Amazon S3.

After you've created a flow log, you can retrieve and view its data in the chosen destination.

Option A is incorrect since this is a monitoring service.

Option B is incorrect since this is a compute service.

Option C is incorrect since this is a messaging service.

For more information on VPC flow logs, please visit the URL below.

https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html

The correct answer is D. AWS VPC Flow Logs.

VPC Flow Logs is a feature provided by AWS that allows users to capture information about the IP traffic going to and from network interfaces in a VPC. VPC Flow Logs are created at the VPC, Subnet, or Network Interface level and provide visibility into the traffic that is flowing through the network.

With VPC Flow Logs, you can capture information about the source and destination IP addresses, ports, protocols, and packets and bytes transferred. This information can be used for a variety of purposes, including security analysis, troubleshooting, and compliance reporting.
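To make the fields listed above concrete, here is an added example (not from the exam page or from AWS) that parses flow log records in the default version-2 format and summarizes them the way a security analyst would: which sources had connections rejected, on which destination ports, and how many accepted bytes reached each destination. The sample records, account ID, ENI ID and addresses are constructed placeholders; the field order follows the default record format (version, account-id, interface-id, srcaddr, dstaddr, srcport, dstport, protocol, packets, bytes, start, end, action, log-status), and NODATA/SKIPDATA rows, where traffic fields are "-", are handled explicitly.

```python
"""Parse and summarize VPC Flow Log records (default version-2 format).

Added example, not code from the exam page or from AWS. The records below are
constructed for illustration only; account id, ENI id and IPs are placeholders.
"""
from collections import Counter, defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional

# Field order of the default (version 2) flow log record format.
FIELDS = [
    "version", "account_id", "interface_id", "srcaddr", "dstaddr",
    "srcport", "dstport", "protocol", "packets", "bytes",
    "start", "end", "action", "log_status",
]

# Constructed sample records (not real traffic). Protocol 6 = TCP, 17 = UDP.
# The last row is a NODATA record: no traffic in the window, fields are "-".
SAMPLE_RECORDS = """\
2 123456789012 eni-0123456789abcdef0 203.0.113.5 10.0.1.20 44212 22 6 8 560 1700000000 1700000060 REJECT OK
2 123456789012 eni-0123456789abcdef0 203.0.113.5 10.0.1.20 44213 3389 6 3 180 1700000000 1700000060 REJECT OK
2 123456789012 eni-0123456789abcdef0 10.0.1.20 10.0.2.30 51000 443 6 120 98000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0123456789abcdef0 198.51.100.9 10.0.1.20 53000 53 17 2 140 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0123456789abcdef0 - - - - - - - 1700000000 1700000060 - NODATA
"""


def _opt_str(value: str) -> Optional[str]:
    """Map the '-' placeholder used in NODATA/SKIPDATA rows to None."""
    return None if value == "-" else value


def _opt_int(value: str) -> Optional[int]:
    return None if value == "-" else int(value)


@dataclass(frozen=True)
class FlowRecord:
    version: int
    account_id: str
    interface_id: str
    srcaddr: Optional[str]
    dstaddr: Optional[str]
    srcport: Optional[int]
    dstport: Optional[int]
    protocol: Optional[int]
    packets: Optional[int]
    bytes: Optional[int]
    start: int
    end: int
    action: Optional[str]      # ACCEPT, REJECT, or None for NODATA/SKIPDATA
    log_status: str            # OK, NODATA, or SKIPDATA


def parse_record(line: str) -> FlowRecord:
    """Parse one space-separated flow log record; reject malformed lines."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}: {line!r}")
    raw = dict(zip(FIELDS, parts))
    return FlowRecord(
        version=int(raw["version"]),
        account_id=raw["account_id"],
        interface_id=raw["interface_id"],
        srcaddr=_opt_str(raw["srcaddr"]),
        dstaddr=_opt_str(raw["dstaddr"]),
        srcport=_opt_int(raw["srcport"]),
        dstport=_opt_int(raw["dstport"]),
        protocol=_opt_int(raw["protocol"]),
        packets=_opt_int(raw["packets"]),
        bytes=_opt_int(raw["bytes"]),
        start=int(raw["start"]),
        end=int(raw["end"]),
        action=_opt_str(raw["action"]),
        log_status=raw["log_status"],
    )


def parse_flow_logs(text: str) -> List[FlowRecord]:
    """Parse a block of records, skipping blank lines."""
    return [parse_record(line) for line in text.splitlines() if line.strip()]


def rejected_ports_by_source(records: List[FlowRecord]) -> Dict[str, List[int]]:
    """Destination ports each source tried that a security group / NACL rejected."""
    ports = defaultdict(set)
    for r in records:
        if r.action == "REJECT" and r.srcaddr and r.dstport is not None:
            ports[r.srcaddr].add(r.dstport)
    return {src: sorted(p) for src, p in ports.items()}


def accepted_bytes_by_destination(records: List[FlowRecord]) -> Counter:
    """Bytes delivered to each destination address over accepted flows."""
    totals: Counter = Counter()
    for r in records:
        if r.action == "ACCEPT" and r.log_status == "OK" and r.bytes is not None:
            totals[r.dstaddr] += r.bytes
    return totals


if __name__ == "__main__":
    recs = parse_flow_logs(SAMPLE_RECORDS)
    print("rejected ports by source:", rejected_ports_by_source(recs))
    print("accepted bytes by destination:", dict(accepted_bytes_by_destination(recs)))
```

Run against records exported from CloudWatch Logs or S3, the same two summaries are the usual starting point for a monitoring requirement like the one in the question: repeated REJECT records from one external source across several ports show up in `rejected_ports_by_source`, and unexpected byte volumes to a given address show up in `accepted_bytes_by_destination`. Treat the `log_status` field seriously: NODATA rows carry no traffic and SKIPDATA rows mean records were dropped, so neither should be counted as quiet time.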

AWS CloudWatch is a monitoring service provided by AWS that can be used to monitor various metrics and logs from different AWS resources, including EC2 instances. However, it does not provide the capability to capture IP traffic from network interfaces.

AWS EC2 is a service provided by AWS that allows users to launch and manage virtual machines in the cloud. While an individual EC2 instance can be configured to capture its own network traffic, the EC2 service itself does not provide the capability to capture IP traffic from other network interfaces in a VPC.

AWS SQS is a messaging service provided by AWS that allows users to send and receive messages between distributed application components. It is not related to network traffic monitoring in a VPC.

Therefore, the correct answer is D. AWS VPC Flow Logs.