Exam AWS Certified SysOps Administrator - Associate topic 1 question 140 discussion

B,C : https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking-awsvpc.html

The task networking features that are provided by the awsvpc network mode give Amazon ECS tasks the same networking properties as Amazon EC2 instances. Using the awsvpc network mode simplifies container networking, because you have more control over how your applications communicate with each other and other services within your VPCs. The awsvpc network mode also provides greater security for your containers by allowing you to use security groups and network monitoring tools at a more granular level within your tasks. You can also use other Amazon EC2 networking features such as VPC Flow Logs to monitor traffic to and from your tasks. https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking-awsvpc.html

B. VPC Flow Logs capture IP traffic going to and from network interfaces in your VPC C. The awsvpc network mode allows each task to have its own dedicated network namespace

The awsvpc network mode also provides greater security for your containers by enabling you to use security groups and network monitoring tools at a more granular level within your tasks. Because each task gets its own elastic network interface (ENI), you can also use other Amazon EC2 networking features such as VPC Flow Logs to monitor traffic to and from your tasks. Additionally, containers that belong to the same task can communicate over the localhost interface.

"The awsvpc network mode also provides greater security for your containers by enabling you to use security groups and network monitoring tools at a more granular level within your tasks. Because each task gets its own elastic network interface (ENI), you can also use other Amazon EC2 networking features such as VPC Flow Logs to monitor traffic to and from your tasks."

B, C is correct answer

I'll go for B,C