Topic 1 Question 169
A company is developing a new application that is deployed in multiple VPCs across multiple AWS Regions. The VPCs are connected through AWS Transit Gateway. The VPCs contain private subnets and public subnets.
All outbound internet traffic in the private subnets must be audited and logged. The company's network engineer plans to use AWS Network Firewall and must ensure that all traffic through Network Firewall is completely logged for auditing and alerting.
How should the network engineer configure Network Firewall logging to meet these requirements?
A. Configure Network Firewall logging in Amazon CloudWatch to capture all alerts. Send the logs to a log group in Amazon CloudWatch Logs.
B. Configure Network Firewall logging in Network Firewall to capture all alerts and flow logs.
C. Configure Network Firewall logging by configuring VPC Flow Logs for the firewall endpoint. Send the logs to a log group in Amazon CloudWatch Logs.
D. Configure Network Firewall logging by configuring AWS CloudTrail to capture data events.
Comments (7)
- Selected answer: B
"to capture all alerts and flow logs"
👍 6 bluz 2024/03/22 - 👍 5 jinu 2024/03/19
- Selected answer: A
logging destinations are s3, cloudwatch, or data firehose
👍 2 daemon101 2024/03/27