AWS EC2 Instances: IP Address Logging for Enhanced Security

Ensuring IP Address Logging for EC2 Instances


Question

A company has a set of EC2 Instances hosted in a VPC.

The IT Security department has specified that they need to ensure they get a list of IP addresses for all sources making requests to the EC2 Instances.

Which one of the following could help achieve this requirement?

Answers

A. AWS VPC Flow Logs
B. AWS CloudWatch
C. AWS CloudFormation
D. AWS Trusted Advisor

Explanations

The correct answer is A. AWS VPC Flow Logs.

Explanation: AWS VPC (Virtual Private Cloud) Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. VPC Flow Logs can help you troubleshoot network connectivity issues, monitor network activity, and analyze traffic patterns.

In this scenario, the IT Security department needs to ensure that they get a list of IP addresses for all sources making requests to the EC2 Instances. By enabling VPC Flow Logs for the VPC hosting the EC2 instances, you can capture information about the IP traffic going to and from the EC2 instances. You can then use this information to determine the source IP addresses of the requests made to the EC2 instances.
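As an added example (not part of the original page, and not AWS code), the following parses records in the default version 2 flow log format and lists the source addresses that sent traffic to an instance. The sample records, account ID, ENI ID, and addresses are constructed, and the function names are hypothetical.

```python
from collections import defaultdict

# Field order of the default (version 2) VPC Flow Logs record format.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# Constructed sample records (documentation address ranges, made-up ENI ID).
SAMPLE = """\
2 123456789012 eni-0a1b2c3d4e5f60718 203.0.113.12 10.0.1.5 49152 443 6 10 840 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d4e5f60718 10.0.1.5 203.0.113.12 443 49152 6 8 1200 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d4e5f60718 198.51.100.7 10.0.1.5 51000 22 6 3 180 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d4e5f60718 - - - - - - - 1700000060 1700000120 - NODATA
2 123456789012 eni-0a1b2c3d4e5f60718 192.0.2.44 10.0.1.5 443 40000 6 5 400 1700000000 1700000060 ACCEPT OK
"""

def parse_record(line):
    """Return a dict for one default-format record, or None if it carries no flow."""
    parts = line.split()
    if len(parts) != len(FIELDS) or parts[0] == "version":
        return None  # malformed line or header row
    rec = dict(zip(FIELDS, parts))
    # NODATA / SKIPDATA records have "-" in the address fields: nothing to report.
    return rec if rec["log_status"] == "OK" else None

def inbound_sources(lines, instance_ips, service_ports=None):
    """Map each source IP to packet counts per action for traffic sent to instance_ips.

    Flow logs record both directions, so only records whose dstaddr is one of
    the instances are kept. If service_ports is given, only flows to those
    listening ports count, which drops replies to connections the instance
    itself opened (their dstport is an ephemeral port on the instance).
    """
    targets = set(instance_ips)
    result = defaultdict(lambda: {"ACCEPT": 0, "REJECT": 0})
    for line in lines:
        rec = parse_record(line)
        if rec is None or rec["dstaddr"] not in targets:
            continue  # no data, or traffic leaving the instance
        if service_ports is not None and int(rec["dstport"]) not in service_ports:
            continue
        result[rec["srcaddr"]][rec["action"]] += int(rec["packets"])
    return dict(result)

if __name__ == "__main__":
    for src, counts in inbound_sources(SAMPLE.splitlines(), ["10.0.1.5"], {22, 443}).items():
        print(src, counts)
```

REJECT records are kept alongside ACCEPT ones because sources blocked by a security group or network ACL are still sources that attempted a request.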

AWS CloudWatch (option B) is a monitoring service for AWS resources and applications. While it can be used to monitor EC2 instances, it does not provide the level of detail required to identify the source IP addresses of requests to the EC2 instances.

AWS CloudFormation (option C) is a service that helps you model and set up your AWS resources so you can spend less time managing those resources and more time focusing on your applications. It is not directly related to capturing IP addresses of sources making requests to EC2 instances.

AWS Trusted Advisor (option D) is a service that provides guidance and recommendations to help you optimize your AWS infrastructure. It is not directly related to capturing IP addresses of sources making requests to EC2 instances.

Therefore, the correct answer is A. AWS VPC Flow Logs.