2 votes
A client is concerned that someone other than approved administrators is trying to gain access to the Linux web app instances in their VPC. She asks what sort of network access logging can be added. Which of the following might you recommend? (Choose 2)

A. Set up a traffic logging rule on the VPC firewall appliance and direct the log to CloudWatch or S3.
B. Set up a Flow Log for the group of instances and forward them to CloudWatch.
C. Set up a Flow Log for the group of instances and forward them to S3.
D. Use Event Log filters to trigger alerts that are forwarded to CloudWatch.
E. Make use of OS-level logging tools such as iptables and log events to CloudWatch or S

User Mysteryos
by
6.1k points

1 Answer

3 votes

Answer:

Option B and Option E are correct.

Step-by-step explanation:

A client is worried that someone other than authorised admins is making efforts to control the instances of the Linux browser in its VPC. So, they ask what kind of network control monitoring can be applied. The user then suggested that a Flow Log be set up for the community of instances and sent to CloudWatch, and that OS-level monitoring resources like iptables be used to log events to CloudWatch or S3.

User Ivo Van Der Wijk
by
6.6k points
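
Added example, not part of the original question or answer: once Flow Logs are flowing to CloudWatch, the records can be checked for administrative connections that do not come from approved administrator addresses. The sketch below parses default-format (version 2) flow log records and counts SSH attempts from other sources; the admin CIDR, the VPC CIDR, the use of port 22 and the sample records are all constructed assumptions.

```python
import ipaddress
from collections import Counter

# Assumptions (constructed values): approved admin range, VPC range, SSH as admin port.
ADMIN_CIDRS = [ipaddress.ip_network("198.51.100.0/28")]
VPC_CIDR = ipaddress.ip_network("10.0.0.0/16")
ADMIN_PORTS = {22}

# Field order of the default (version 2) VPC Flow Log record.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# Constructed sample records (documentation IP ranges, example account id).
SAMPLE = """\
2 123456789012 eni-0a1b2c3d 198.51.100.5 10.0.1.20 50122 22 6 14 2200 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 203.0.113.77 10.0.1.20 41811 22 6 3 180 1700000005 1700000065 REJECT OK
2 123456789012 eni-0a1b2c3d 203.0.113.77 10.0.1.20 41812 22 6 3 180 1700000070 1700000130 REJECT OK
2 123456789012 eni-0a1b2c3d 203.0.113.9 10.0.1.21 40222 22 6 25 5200 1700000080 1700000140 ACCEPT OK
2 123456789012 eni-0a1b2c3d 192.0.2.44 10.0.1.20 55010 443 6 10 900 1700000090 1700000150 ACCEPT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1700000100 1700000160 - NODATA
"""

def parse(line):
    """Return a dict for a well-formed record with traffic data, else None."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    # NODATA / SKIPDATA records carry '-' in the address fields; skip them.
    return rec if rec["log_status"] == "OK" else None

def is_admin(src):
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in ADMIN_CIDRS)

def unapproved_admin_access(text):
    """Count TCP flows to an admin port inside the VPC from non-admin sources."""
    hits = Counter()
    for line in text.splitlines():
        rec = parse(line)
        if rec is None or rec["protocol"] != "6":  # 6 = TCP
            continue
        inbound = ipaddress.ip_address(rec["dstaddr"]) in VPC_CIDR
        if inbound and int(rec["dstport"]) in ADMIN_PORTS and not is_admin(rec["srcaddr"]):
            hits[(rec["srcaddr"], rec["dstaddr"], rec["action"])] += 1
    return dict(hits)

if __name__ == "__main__":
    for (src, dst, action), n in sorted(unapproved_admin_access(SAMPLE).items()):
        print(f"{src} -> {dst} admin port {action} x{n}")
```

An ACCEPT from a non-admin source is the more urgent finding, since it means the security group or network ACL allowed the connection; repeated REJECT entries show probing that was blocked.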