Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Advanced Networking - Specialty ANS-C01 All Questions

View all questions & answers for the AWS Certified Advanced Networking - Specialty ANS-C01 exam
Go to Exam

Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 10 discussion

Exam question from Amazon's AWS Certified Advanced Networking - Specialty ANS-C01
Question #: 10
Topic #: 1
[All AWS Certified Advanced Networking - Specialty ANS-C01 Questions]

A company has deployed an AWS Network Firewall firewall into a VPC. A network engineer needs to implement a solution to deliver Network Firewall flow logs to the company’s Amazon OpenSearch Service (Amazon Elasticsearch Service) cluster in the shortest possible time.
Which solution will meet these requirements?

  • A. Create an Amazon S3 bucket. Create an AWS Lambda function to load logs into the Amazon OpenSearch Service (Amazon Elasticsearch Service) cluster. Enable Amazon Simple Notification Service (Amazon SNS) notifications on the S3 bucket to invoke the Lambda function. Configure flow logs for the firewall. Set the S3 bucket as the destination.
  • B. Create an Amazon Kinesis Data Firehose delivery stream that includes the Amazon OpenSearch Service (Amazon Elasticsearch Service) cluster as the destination. Configure flow logs for the firewall Set the Kinesis Data Firehose delivery stream as the destination for the Network Firewall flow logs.
  • C. Configure flow logs for the firewall. Set the Amazon OpenSearch Service (Amazon Elasticsearch Service) cluster as the destination for the Network Firewall flow logs.
  • D. Create an Amazon Kinesis data stream that includes the Amazon OpenSearch Service (Amazon Elasticsearch Service) cluster as the destination. Configure flow logs for the firewall. Set the Kinesis data stream as the destination for the Network Firewall flow logs.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by zaazanuna at March 18, 2023, 6:13 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
flowers00
Highly Voted 1 year, 6 months ago
B - correct. https://aws.amazon.com/blogs/networking-and-content-delivery/how-to-analyze-aws-network-firewall-logs-using-amazon-opensearch-service-part-1/
upvoted 9 times
...
Raphaello
Most Recent 5 months, 2 weeks ago
Selected Answer: B
B is the correct answer. Forward NF logs to KDF and from there to opensearch.
upvoted 1 times
...
Marfee400704
7 months, 1 week ago
I think that it's correct answer is B according to SPOTO products.
upvoted 2 times
...
MEDES
12 months ago
B Because request is shortest possible time. Firehose is one of the shortest destination and has better integration with OpenSearch. The timing of Network Firewall log delivery varies by location type, averaging 3-6 minutes for Amazon CloudWatch Logs and Amazon Kinesis Data Firehose and 8-12 minutes for Amazon Simple Storage Service buckets. https://docs.aws.amazon.com/network-firewall/latest/developerguide/firewall-logging.html
upvoted 1 times
...
DPDK
1 year, 2 months ago
B Because request is shortest possible time. Firehose is one of the shortest destination and has better integration with OpenSearch. The timing of Network Firewall log delivery varies by location type, averaging 3-6 minutes for Amazon CloudWatch Logs and Amazon Kinesis Data Firehose and 8-12 minutes for Amazon Simple Storage Service buckets. https://docs.aws.amazon.com/network-firewall/latest/developerguide/firewall-logging.html
upvoted 2 times
...
emmanuelodenyire
1 year, 4 months ago
Selected Answer: B
Option B is the correct answer. Explanation: The question asks for a solution to deliver Network Firewall flow logs to the company’s Amazon OpenSearch Service (Amazon Elasticsearch Service) cluster in the shortest possible time. Option B suggests creating an Amazon Kinesis Data Firehose delivery stream that includes the Amazon OpenSearch Service cluster as the destination. This solution is the most efficient because Kinesis Data Firehose can stream data in near real-time to the Amazon OpenSearch Service cluster. This means that logs will be delivered to the Elasticsearch cluster in the shortest possible time.
upvoted 3 times
...
Untamables
1 year, 5 months ago
Selected Answer: B
B Network Firewall supports Amazon Kinesis Data Firehose as one of the logging destinations. The timing of Network Firewall log delivery varies by location type, averaging 3-6 minutes for Amazon CloudWatch Logs and Amazon Kinesis Data Firehose and 8-12 minutes for Amazon Simple Storage Service buckets. https://docs.aws.amazon.com/network-firewall/latest/developerguide/firewall-logging.html
upvoted 3 times
...
Cappy46789
1 year, 6 months ago
B - Firehose
upvoted 2 times
...
zaazanuna
1 year, 6 months ago
B - correct
upvoted 3 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel