AWS Certified Security - Specialty
Get started today
Ultimate access to all questions.
You are tasked with implementing a solution to monitor and analyze network traffic in a VPC that hosts critical applications. The solution should capture all traffic, including rejected and ignored flows, and integrate with a security information and event management (SIEM) system. Which AWS service would you use for this purpose?
You are tasked with implementing a solution to monitor and analyze network traffic in a VPC that hosts critical applications. The solution should capture all traffic, including rejected and ignored flows, and integrate with a security information and event management (SIEM) system. Which AWS service would you use for this purpose?
Simulated
Explanation:
Traffic Mirroring allows you to copy network traffic from Elastic Network Interfaces (ENIs) and send it to a monitoring or security appliance for analysis. This service can capture all traffic, including rejected and ignored flows, and integrate with a SIEM system for comprehensive monitoring and analysis.