AWS Certified Solutions Architect - Professional
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
A company has VPC flow logs enabled for its NAT gateway. The company is seeing Action = ACCEPT for inbound traffic that comes from public IP address 198.51.100.2 destined for a private Amazon EC2 instance. A solutions architect must determine whether the traffic represents unsolicited inbound connections from the internet. The first two octets of the VPC CIDR block are 203.0, Which set of steps should the solutions architect take to meet these requirements?
A
Open the AWS CloudTrail console. Select the log group that contains the NAT gateway's elastic network interface
and the private instance's elastic network interface. Run a query to filter with the destination address set as "like 203.O"
and the source address set as "like51.100.2". Run the stats command to filter the sum of bytes transferred by the source
address and the destination address
B
Open the Amazon CloudWatch console. Select the log group that contains the NAT gateway's elastic network
interface and the private instance's elastic network interface. Run a query to filter with the destination address set as
"like 203.O" and the source address set as "like 198.51.100.2". Run the stats command to filter the sum of bytes
transferred by the source address and the destination address
C
Open the AWS CloudTrail console. Select the log group that contains the NAT gateway's elastic network interface
and the private instance's elastic network interface. Run a query to filter with the destination address set as "like
198.51.100.2" and the source address set as "like 203.O". Run the stats command to filter the sum of bytes transferred
by the source address and the destination address
D
Open the Amazon CloudWatch console. Select the log group that contains the NAT gateway's elastic network
interface and the private instance's elastic network interface. Run a query to filter with the destination address set as
"like 198.51.100.2" and the source address set as "like 203.O". Run the stats command to filter the sum of bytes
transferred by the source address and the destination address