Topic 1 Question 436
A SysOps administrator configures VPC flow logs to publish to Amazon CloudWatch Logs. The SysOps administrator reviews the logs in CloudWatch Logs and notices less traffic than expected. After the SysOps administrator compares the VPC flow logs to logs that were captured on premises, the SysOps administrator believes that the VPC flow logs are incomplete.
Which of the following is a possible reason for the difference in traffic?
A. CloudWatch Logs throttling has been applied.
B. The CloudWatch IAM role does not have a trust relationship with the VPC flow logs service.
C. The VPC flow log is still in the process of being created.
D. VPC flow logs cannot capture traffic from on-premises servers to a VPC.
Comments (2)
- Selected answer: D
VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC.
In this case the logs cannot capture what happens on-prem.
👍 5 tgv 2024/10/15
- Selected answer: A
VPC Flow Logs capture information about the IP traffic going to and from network interfaces in your VPC. If the SysOps administrator is noticing less traffic in the VPC flow logs as compared to on-premises logs, one of the reasons could be throttling in CloudWatch Logs. AWS may throttle data if it exceeds the limits or if there's an exceptionally high rate of flow log records due to a high volume of network traffic. If throttled, some log data may not be delivered to CloudWatch Logs. If they are checking on-prem logs then there are flow logs from on-prem to the VPC.
👍 3 numark 2024/12/17