Topic 1 Question 233
A network engineer needs to provide a list of IP addresses that are sending traffic to an Amazon EC2 instance. VPC flow logs are enabled. The EC2 instance has a single network interface and two assigned IP addresses. However, the flow logs are logging traffic only for the primary IP address. The network engineer needs to determine whether any traffic is being sent to the second IP address of the EC2 instance.
What should the network engineer do to locate the traffic flow for the second IP address?
Create a new flow log that includes the pkt-dstaddr field to capture the original destination IP address of the traffic.
Create a new flow log that includes the dstaddr field to capture the original destination IP address of the traffic.
Create a new flow log that includes the pkt-srcaddr field to capture the original destination IP address of the traffic.
Create a new flow log that includes the srcaddr field to capture the original destination IP address of the traffic.
ユーザの投票
コメント(3)
- 正解だと思う選択肢: A
https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs-limitations.html If your network interface has multiple IPv4 addresses and traffic is sent to a secondary private IPv4 address, the flow log displays the primary private IPv4 address in the dstaddr field. To capture the original destination IP address, create a flow log with the pkt-dstaddr field.
👍 3woorkim2024/12/22 - 正解だと思う選択肢: A
Amazon VPC Flow Logs are used to capture network traffic information for interfaces in a VPC. By default, flow logs capture data for the primary private IP address of the network interface. However, to capture traffic for secondary IP addresses assigned to an interface, additional fields such as pkt-dstaddr are necessary.
👍 1makanju2024/12/16 - 正解だと思う選択肢: A
A is the correct one
👍 1exampb0072024/12/28
シャッフルモード