
How should a network engineer configure an AWS Network Firewall to ensure complete metadata logging (including source/destination IP addresses and protocol type), capture all network traffic flows, and record DROP or ALERT actions for processed traffic, while ensuring the firewall endpoints are correctly placed in subnets and VPC route tables direct traffic through the firewall for internet-bound and inbound traffic?
A. Create a firewall policy to ensure that traffic is processed by stateless or stateful rules according to needs. Select Amazon CloudWatch Logs as the destination for the flow logs.
B. Create a firewall policy to ensure that traffic is processed by stateless or stateful rules according to needs. Configure Network Firewall logging for alert logs and flow logs. Select a destination for logs separately for stateful and stateless engines.
C. Create a firewall policy to ensure that a stateful engine processes all the traffic. Configure Network Firewall logging for alert logs and flow logs. Select a destination for alert logs and flow logs.
D. Create a firewall policy to ensure that a stateful engine processes all the traffic. Configure VPC flow logs for the subnets that the firewall protects. Select a destination for the flow logs.