ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified SysOps Administrator - Associate All Questions

View all questions & answers for the AWS Certified SysOps Administrator - Associate exam
Go to Exam

Exam AWS Certified SysOps Administrator - Associate topic 1 question 150 discussion

Exam question from Amazon's AWS Certified SysOps Administrator - Associate
Question #: 150
Topic #: 1
[All AWS Certified SysOps Administrator - Associate Questions]

A SysOps administrator is reviewing VPC Flow Logs to troubleshoot connectivity issues in a VPC. While reviewing the logs, the SysOps administrator notices that rejected traffic is not listed.

What should the SysOps administrator do to ensure that all traffic is logged?

  • A. Create a new flow log that has a filter setting to capture all traffic.
  • B. Create a new flow log. Set the log record format to a custom format. Select the proper fields to include in the log.
  • C. Edit the existing flow log. Change the filter setting to capture all traffic.
  • D. Edit the existing flow log. Set the log record format to a custom format. Select the proper fields to include in the log.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Liongeek at Nov. 16, 2022, 7:07 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Liongeek
Highly Voted 2 years, 1 month ago
Ans: A You CANNOT modify a VPC Flow Log Ref: https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-logs-limitations "After you create a flow log, you cannot change its configuration or the flow log record format. For example, you can't associate a different IAM role with the flow log, or add or remove fields in the flow log record. Instead, you can delete the flow log and create a new one with the required configuration."
upvoted 18 times
jipark
1 year, 4 months ago
cleared !! "You CANNOT modify a VPC Flow Log"
upvoted 1 times
...
...
Rabbit117
Most Recent 9 months, 2 weeks ago
Selected Answer: A
I think the answer is A. Flow logs basics: You can create a flow log for a VPC, a subnet, or a network interface. If you create a flow log for a subnet or VPC, each network interface in that subnet or VPC is monitored. Flow log data for a monitored network interface is recorded as flow log records, which are log events consisting of fields that describe the traffic flow. For more information, see Flow log records. To create a flow log, you specify: The resource for which to create the flow log. The type of traffic to capture (accepted traffic, rejected traffic, or all traffic). The destinations to which you want to publish the flow log data. https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html
upvoted 1 times
...
shmulik
1 year, 3 months ago
Selected Answer: A
After you create a flow log, you cannot change its configuration or the flow log record format. For example, you can't associate a different IAM role with the flow log, or add or remove fields in the flow log record. Instead, you can delete the flow log and create a new one with the required configuration.
upvoted 1 times
...
Christina666
1 year, 5 months ago
Selected Answer: A
Flow logs can help you with a number of tasks, such as: Diagnosing overly restrictive security group rules Monitoring the traffic that is reaching your instance Determining the direction of the traffic to and from the network interfaces Flow log data is collected outside of the path of your network traffic, and therefore does not affect network throughput or latency. You can create or delete flow logs without any risk of impact to network performance.
upvoted 2 times
...
Andrew_A
1 year, 6 months ago
Selected Answer: A
Answer: A
upvoted 1 times
...
csG13
1 year, 8 months ago
Selected Answer: A
A - you can't modify an existing flow log. Also it's not B since we want to log all traffic.
upvoted 1 times
...
gulu73
1 year, 11 months ago
Selected Answer: A
Ans A You cannot modify VPC Flow Log just tested it.
upvoted 1 times
...
CodePoet
1 year, 12 months ago
Selected Answer: A
Keyword: "ensure that all traffic is logged"
upvoted 1 times
...
yeacuz
1 year, 12 months ago
Selected Answer: B
The answer is: B. Create a new flow log. Set the log record format to a custom format. Select the proper fields to include in the log. You need to create a new flow log. There is no "filter setting to capture all traffic", but you can set the log record to a custom format as specified in the user guide (https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-logs-custom)
upvoted 1 times
csG13
1 year, 9 months ago
There is; there are three types of traffic - accepted traffic, rejected traffic, or all traffic. Correct answer is A. See more here: https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html
upvoted 2 times
...
...
marcelodba
2 years ago
Selected Answer: A
Ans: A
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel