Multiple Choice
A company is deploying a critical application on two Amazon EC2 instances in a VPC. Failed client connections to the EC2 instances must be logged according to company policy. What is the MOST cost-effective solution to meet these requirements?
A) Move the EC2 instances to a dedicated VPC. Enable VPC Flow Logs with a filter on the deny action. Publish the flow logs to Amazon CloudWatch Logs.
B) Move the EC2 instances to a dedicated VPC subnet. Enable VPC Flow Logs for the subnet with a filter on the reject action. Publish the flow logs to an Amazon Kinesis Data Firehose stream with a data delivery to an Amazon S3 bucket.
C) Enable VPC Flow Logs, filtered for rejected traffic, for the elastic network interfaces associated with the instances. Publish the flow logs to an Amazon Kinesis Data Firehose stream with a data delivery to an Amazon S3 bucket.
D) Enable VPC Flow Logs, filtered for rejected traffic, for the elastic network interfaces associated with the instances. Publish the flow logs to Amazon CloudWatch Logs.
Correct Answer:
Verified
Correct Answer:
Verified
Q115: An organization will be extending its existing
Q116: A company has an application running on
Q117: What is the minimum number of subnets
Q118: Your Amazon Kinesis application receives data streams
Q119: Refer to the image. <img src="https://d2lvgg3v3hfg70.cloudfront.net/C1091/.jpg" alt="Refer
Q121: A user is having data generated randomly
Q122: An organization with a growing e-commerce presence
Q123: A Network Engineer needs to be automatically
Q124: You have just deployed a website that
Q125: Your company has decided to use AWS