AWS Certified Advanced Networking - Specialty

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: Set up the NAT gateway as a VPC traffic mirror source. Deploy software on the traffic mirror target to forward the data to an Amazon OpenSearch Service cluster. Analyze the data by using OpenSearch Dashboards.

To analyze TCP traffic originating from Amazon EC2 instances in a VPC, including source and destination IP addresses, ports, and the first 8 bytes of payload of TCP segments, the solution must capture detailed packet-level data. VPC Flow Logs, as mentioned in options C and D, do not capture packet payloads, making them unsuitable for this requirement. Option A suggests using VPC traffic mirroring with EC2 instances as sources and forwarding data to Amazon CloudWatch Logs. However, CloudWatch Logs is not designed for detailed packet analysis, including payload data. Option B proposes setting up the NAT gateway as a VPC traffic mirror source and forwarding the data to an Amazon OpenSearch Service cluster for analysis using OpenSearch Dashboards. This approach allows for the capture and analysis of detailed packet data, including the required payload information, making it the correct solution. Therefore, the correct answer is B.

Author: LeetQuiz Editorial Team

Quick Answer

Answer-first summary for fast verification

Author: LeetQuiz Editorial Team

Comments (0)

No comments yet.

A company needs to collect, store, and analyze TCP traffic originating from Amazon EC2 instances in its VPC, where the instances initiate connections via a NAT gateway. The data to be captured includes source and destination IP addresses, ports, and the first 8 bytes of payload from TCP segments. Which solution fulfills these requirements?

Exam-Like

Set up the EC2 instances as VPC traffic mirror sources. Deploy software on the traffic mirror target to forward the data to Amazon CloudWatch Logs. Analyze the data by using CloudWatch Logs Insights.

20.0%

Set up the NAT gateway as a VPC traffic mirror source. Deploy software on the traffic mirror target to forward the data to an Amazon OpenSearch Service cluster. Analyze the data by using OpenSearch Dashboards.

40.0%

Turn on VPC Flow Logs on the EC2 instances. Specify the default format and a log destination of Amazon CloudWatch Logs. Analyze the flow log data by using CloudWatch Logs Insights.

20.0%

Turn on VPC Flow Logs on the EC2 instances. Specify a custom format and a log destination of Amazon S3. Analyze the flow log data by using Amazon Athena.