ANS-C01 · Question #173
ANS-C01 Question #173: Real Exam Question with Answer & Explanation
The correct answer is B: Create a third-party EC2 appliance in an Auto Scaling group fronted by a Network Load Balancer. You can use the following resources as traffic mirror targets: - Network interfaces of type interface - Network Load Balancers - Gateway Load Balancer endpoints https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-targets.html
Question
A company has an application that runs on a fleet of Amazon EC2 instances. A new company regulation mandates that all network traffic to and from the EC2 instances must be sent to a centralized third-party EC2 appliance for content inspection. Which solution will meet these requirements?
Options
- AConfigure VPC flow logs on each EC2 network interface. Publish the flow logs to an Amazon S3
- BCreate a third-party EC2 appliance in an Auto Scaling group fronted by a Network Load Balancer
- CConfigure a mirror session. Specify an Amazon Kinesis Data Firehose delivery stream as the
- DConfigure VPC flow logs on each EC2 network interface. Send the logs to Amazon CloudWatch.
Explanation
You can use the following resources as traffic mirror targets: - Network interfaces of type interface - Network Load Balancers - Gateway Load Balancer endpoints https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-targets.html
Topics
Community Discussion
No community discussion yet for this question.