ANS-C01 · Question #199
ANS-C01 Question #199: Real Exam Question with Answer & Explanation
Sign in or unlock ANS-C01 to reveal the answer and full explanation for question #199. The question stem and answer options stay visible for context.
Question
A company is developing a new application that is deployed in multiple VPCs across multiple AWS Regions. The VPCs are connected through AWS Transit Gateway. The VPCs contain private subnets and public subnets. All outbound internet traffic in the private subnets must be audited and logged. The company's network engineer plans to use AWS Network Firewall and must ensure that all traffic through Network Firewall is completely logged for auditing and alerting. How should the network engineer configure Network Firewall logging to meet these requirements?
Options
- AConfigure Network Firewall logging in Amazon CloudWatch to capture all alerts. Send the logs to
- BConfigure Network Firewall logging in Network Firewall to capture all alerts and flow logs.
- CConfigure Network Firewall logging by configuring VPC Flow Logs for the firewall endpoint. Send
- DConfigure Network Firewall logging by configuring AWS CloudTrail to capture data events.
Unlock ANS-C01 to see the answer
You've previewed enough free ANS-C01 questions. Unlock ANS-C01 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.