Exam ANS-C00 topic 1 question 102 discussion

Exam question from Amazon's ANS-C00
Question #: 102
Topic #: 1

A Network Engineer needs to be automatically notified when a certain TCP port is accessed on a fleet of Amazon EC2 instances running in an Amazon VPC.
Which of the following is the MOST reliable solution?

  • A. Create an inbound rule in the VPC's network ACL that matches the TCP port. Create an Amazon CloudWatch alarm on the NetworkPackets metric for the ACL that uses Amazon SNS to notify the Administrator when the metric is greater than zero.
  • B. Install intrusion detection software on each Amazon EC2 instance and configure it to use the AWS CLI to notify the Administrator with Amazon SNS each time the TCP port is accessed.
  • C. Create VPC Flow Logs that write to Amazon CloudWatch Logs, with a metric filter matching connections on the required port. Create a CloudWatch alarm on the resulting metric that uses Amazon SNS to notify the Administrator when the metric is greater than zero.
  • D. Install intrusion detection software on each Amazon EC2 instance and configure it to use the AWS CLI to publish to a custom Amazon CloudWatch metric each time the TCP port is accessed. Create a CloudWatch alarm on the resulting metric that uses Amazon SNS to notify the Administrator when the metric is greater than zero.
Suggested Answer: A 🗳️

Comments

[Removed]
Highly Voted 3 years, 8 months ago
C seems right to me. Not aware of network packet metrics on an ACL
upvoted 14 times
...
ChauPhan
Highly Voted 3 years, 7 months ago
B, D are not reliable when the EC2 is down or the application is turned off. Also, it's management overhead and needs to be installed on all EC2. A: Haven't heard about NetworkPacket metrics of ACL and how it's relevant. C sounds good.
upvoted 5 times
...
Algoproxy
Most Recent 2 years, 7 months ago
C is correct. Not aware of network packet metrics for NACLs.
upvoted 1 times
...
CCNPWILL
2 years, 8 months ago
Selected Answer: C
C is the only one that makes the most sense ffs
upvoted 1 times
...
Marty2021
2 years, 11 months ago
Selected Answer: C
For reasons ChauPhan mentioned
upvoted 1 times
...
khchan123
3 years, 3 months ago
I guess there is a typo and the question is asking about MOST RESPONSIVE; then it's B.
upvoted 2 times
...
ExamTopicsFan
3 years, 8 months ago
The NetworkPacketsIn metric is not even relevant for this question. The definition is as follows: "The number of packets received by the instance on all network interfaces. This metric identifies the volume of incoming traffic in terms of the number of packets on a single instance." C is the right answer.
upvoted 2 times
...
Thiagosilvanetwork
3 years, 8 months ago
I have the same doubt between A and C. Someone, is there a correct answer?
upvoted 1 times
...
guruguru
3 years, 8 months ago
C, because IDS with CLI is not reliable. What if the CLI failed?
upvoted 3 times
...
LexyA
3 years, 8 months ago
C is correct
upvoted 3 times
...
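A local model of the metric filter described in option C, as an added example that is not part of the original question or of any comment: it builds a CloudWatch Logs space-delimited filter pattern for the default flow log record format and evaluates the same condition over constructed records. The port 8443, the account ID, the ENI and all addresses are assumptions made for illustration.

```python
# Added example: local model of the metric filter in option C.
# Field order of the default (version 2) VPC flow log record; the labels
# themselves are arbitrary names chosen for this example.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes window_start window_end action log_status").split()

WATCHED_PORT = 8443  # assumption: the question only says "a certain TCP port"


def filter_pattern(port):
    """Space-delimited CloudWatch Logs filter pattern: TCP flows to `port`."""
    terms = {"dstport": f'dstport="{port}"', "protocol": 'protocol="6"'}
    return "[" + ", ".join(terms.get(f, f) for f in FIELDS) + "]"


def matches(record, port):
    """Evaluate one record against the same condition as the pattern above."""
    parts = record.split()
    if len(parts) != len(FIELDS):
        return False  # custom-format or truncated record: pattern cannot match
    flow = dict(zip(FIELDS, parts))
    # NODATA/SKIPDATA records carry "-" in these fields, so they never match.
    return flow["protocol"] == "6" and flow["dstport"] == str(port)


def metric_value(records, port):
    """Sum the filter would publish with metricValue=1 per matching record."""
    return sum(matches(r, port) for r in records)


# Constructed sample records (documentation addresses, placeholder account/ENI).
ENI = "2 123456789012 eni-0example0000000a"
SAMPLE = [
    f"{ENI} 203.0.113.7 10.0.1.25 49152 8443 6 5 300 1700000000 1700000060 ACCEPT OK",
    f"{ENI} 10.0.1.25 203.0.113.7 8443 49152 6 4 260 1700000000 1700000060 ACCEPT OK",   # reply traffic
    f"{ENI} 198.51.100.9 10.0.1.25 50000 8443 6 1 40 1700000000 1700000060 REJECT OK",   # blocked attempt
    f"{ENI} 198.51.100.9 10.0.1.25 50001 8443 17 1 60 1700000000 1700000060 ACCEPT OK",  # UDP, not TCP
    f"{ENI} 203.0.113.7 10.0.1.25 49153 443 6 5 300 1700000000 1700000060 ACCEPT OK",    # other port
    f"{ENI} - - - - - - - 1700000000 1700000060 - NODATA",
]

if __name__ == "__main__":
    print(filter_pattern(WATCHED_PORT))
    print("datapoint for this window:", metric_value(SAMPLE, WATCHED_PORT))
```

Matching on the destination port only keeps reply traffic from the watched port out of the count, and a REJECT record still counts as an access attempt. Flow log records are aggregated over a capture window before delivery, so an alarm on this metric trails the connection itself.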