ANS-C01 · Question #288
ANS-C01 Question #288: Real Exam Question with Answer & Explanation
Sign in or unlock ANS-C01 to reveal the answer and full explanation for question #288. The question stem and answer options stay visible for context.
Question
A company has a transit gateway in a single AWS account. The company sends flow logs for the transit gateway to an Amazon CloudWatch Logs log group. The company created an AWS Lambda function to analyze the logs. The Lambda function sends a notification to an Amazon Simple Notification Service (Amazon SNS) topic when a VPC generates traffic that is dropped by the transit gateway. Each notification contains the account ID. VPC ID, and total amount of dropped packets. The company wants to subscribe a new Lambda function to the SNS topic. The new Lambda function must automatically prevent the traffic that is identified in each notification from leaving a VPC by applying a network ACL to the transit gateway attachment subnets in the VPC that generates the traffic. Which solution will meet these requirements?
Options
- AConfigure the existing Lambda function to add the destination IP addresses of the dropped traffic
- BConfigure the existing Lambda function to add the source IP addresses of the dropped traffic to
- CConfigure the existing Lambda function to add the source IP addresses of the dropped traffic to
- DConfigure the existing Lambda function to add the destination IP addresses of the dropped traffic
Unlock ANS-C01 to see the answer
You've previewed enough free ANS-C01 questions. Unlock ANS-C01 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.