Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon ANS-C01 Exam - Topic 2 Question 52 Discussion

A company wants to analyze TCP traffic to the internet. The traffic originates from Amazon EC2 instances in the company's VPC. The EC2 instances initiate connections through a NAT gateway. The required information includes source and destination IP addresses, ports, and the first 8 bytes of payload of TCP segments. The company needs to collect, store, and analyze all the required data points.Which solution will meet these requirements?
A) Set up the EC2 instances as VPC traffic mirror sources. Deploy software on the traffic mirror target to forward the data to Amazon CloudWatch Logs. Analyze the data by using CloudWatch Logs Insights.
B) Set up the NAT gateway as a VPC traffic mirror source. Deploy software on the traffic mirror target to forward the data to an Amazon OpenSearch Service cluster. Analyze the data by using OpenSearch Dashboards.
C) Turn on VPC Flow Logs on the EC2 instances. Specify the default format and a log destination of Amazon CloudWatch Logs. Analyze the flow log data by using CloudWatch Logs Insights.
D) Turn on VPC Flow Logs on the EC2 instances. Specify a custom format and a log destination of Amazon S3. Analyze the flow log data by using Amazon Athena.

Amazon ANS-C01 Exam - Topic 2 Question 52 Discussion

Actual exam question for Amazon's ANS-C01 exam
Question #: 52
Topic #: 2
[All ANS-C01 Questions]

A company wants to analyze TCP traffic to the internet. The traffic originates from Amazon EC2 instances in the company's VPC. The EC2 instances initiate connections through a NAT gateway. The required information includes source and destination IP addresses, ports, and the first 8 bytes of payload of TCP segments. The company needs to collect, store, and analyze all the required data points.

Which solution will meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Yasuko at Jul 09, 2025, 11:27 AM

Limited Time Offer

25%

Off

Get Premium ANS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Coral
5 months ago
Wait, why not just use the NAT gateway for traffic mirroring?
upvoted 0 times
...
Dulce
6 months ago
D seems interesting, but can Athena handle the payload size?
upvoted 0 times
...
Kristine
6 months ago
Option A sounds solid for real-time analysis.
upvoted 0 times
...
Dana
6 months ago
I think B could work better with OpenSearch for deeper insights.
upvoted 0 times
...
Jeffrey
6 months ago
C is too basic for this level of analysis, right?
upvoted 0 times
...
Shenika
6 months ago
I remember a similar question where we used Amazon Athena for log analysis. Option D might be the right choice if we need custom formats.
upvoted 0 times
...
Rosamond
7 months ago
I feel like VPC Flow Logs could work, but I can't recall if they capture the first 8 bytes of the payload. That detail seems important.
upvoted 0 times
...
Ettie
7 months ago
I think option A sounds familiar because we practiced analyzing data with CloudWatch Logs Insights, but I'm not entirely confident about the traffic mirror setup.
upvoted 0 times
...
Franchesca
7 months ago
I remember studying VPC traffic mirroring, but I'm not sure if it applies to NAT gateways or just EC2 instances.
upvoted 0 times
...
Aleisha
7 months ago
I think Option D might be the best choice here. Storing the flow log data in S3 and then analyzing it with Athena gives us more flexibility and control over the data than the other options.
upvoted 0 times
...
Lashandra
7 months ago
I'm not sure about this one. There are a lot of moving parts, and I want to make sure I fully understand the differences between the options before selecting an answer.
upvoted 0 times
...
Reita
8 months ago
Okay, I've got this! Option A seems like the most straightforward approach, using VPC traffic mirroring to capture the required data and then analyzing it in CloudWatch Logs. I feel confident I can explain this solution.
upvoted 0 times
...
Skye
8 months ago
Hmm, I'm a bit confused by the different options. I'll need to review the details of VPC traffic mirroring and VPC Flow Logs to understand which one best meets the requirements.
upvoted 0 times
...
Barrie
8 months ago
This looks like a tricky question, but I think I have a good strategy. I'll carefully read through each option and consider the pros and cons of each approach.
upvoted 0 times
...
Jacqueline
10 months ago
Option C looks good to me. VPC Flow Logs are a tried and true solution, and CloudWatch Logs Insights should give them the insights they need.
upvoted 0 times
...
Twila
10 months ago
Ha! I bet the person who came up with Option A was trying to find the most convoluted way to solve this problem. Sometimes simple is best, you know?
upvoted 0 times
Glenn
9 months ago
Yeah, Option C or D might be more straightforward.
upvoted 0 times
...
Ciara
10 months ago
I agree, sometimes simpler solutions are better.
upvoted 0 times
...
Nathan
10 months ago
Option A does seem a bit complicated.
upvoted 0 times
...
...
Tabetha
11 months ago
Hmm, I'm not sure about Option A. Forwarding the data to CloudWatch Logs might be a bit limiting for the kind of analysis they want to do.
upvoted 0 times
Tori
10 months ago
I agree, Option D with Amazon Athena seems like a better fit for their needs.
upvoted 0 times
...
Craig
10 months ago
Option A might not be the best choice for in-depth analysis.
upvoted 0 times
...
...
Carin
11 months ago
I prefer option D. Turning on VPC Flow Logs on the EC2 instances and analyzing the data with Amazon Athena seems like a more straightforward approach to me.
upvoted 0 times
...
Cristina
11 months ago
I'm leaning towards Option D. Storing the flow logs in S3 and then using Athena to analyze them gives us more flexibility and control over the data.
upvoted 0 times
...
Eladia
11 months ago
I agree with Alysa. Setting up EC2 instances as VPC traffic mirror sources seems like the most efficient way to collect the required data.
upvoted 0 times
...
Maybelle
11 months ago
Option B seems like the best choice here. Capturing the traffic at the NAT gateway and forwarding it to an OpenSearch cluster sounds like a solid plan.
upvoted 0 times
Serina
10 months ago
Yeah, capturing the data at the NAT gateway and then analyzing it with OpenSearch Dashboards seems like a straightforward approach.
upvoted 0 times
...
Willis
10 months ago
Setting up the NAT gateway as a traffic mirror source and using OpenSearch Dashboards for analysis seems like a good fit.
upvoted 0 times
...
Altha
10 months ago
I agree, option B sounds like the most efficient solution for analyzing TCP traffic from the EC2 instances.
upvoted 0 times
...
...
Alysa
11 months ago
I think option A is the best solution.
upvoted 0 times
...

Save Cancel