ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Advanced Networking - Specialty ANS-C01 All Questions

View all questions & answers for the AWS Certified Advanced Networking - Specialty ANS-C01 exam
Go to Exam

Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 85 discussion

Exam question from Amazon's AWS Certified Advanced Networking - Specialty ANS-C01
Question #: 85
Topic #: 1
[All AWS Certified Advanced Networking - Specialty ANS-C01 Questions]

A company has been using an outdated application layer protocol for communication among applications. The company decides not to use this protocol anymore and must migrate all applications to support a new protocol. The old protocol and the new protocol are TCP-based, but the protocols use different port numbers.

After several months of work, the company has migrated dozens of applications that run on Amazon EC2 instances and in containers. The company believes that all the applications have been migrated, but the company wants to verify this belief. A network engineer needs to verify that no application is still using the old protocol.

Which solution will meet these requirements without causing any downtime?

  • A. Use Amazon Inspector and its Network Reachability rules package. Wait until the analysis has finished running to find out which EC2 instances are still listening to the old port.
  • B. Enable Amazon GuardDuty. Use the graphical visualizations to filter for traffic that uses the port of the old protocol. Exclude all internet traffic to filter out occasions when the same port is used as an ephemeral port.
  • C. Configure VPC flow logs to be delivered into an Amazon S3 bucket. Use Amazon Athena to query the data and to filter for the port number that is used by the old protocol.
  • D. Inspect all security groups that are assigned to the EC2 instances that host the applications. Remove the port of the old protocol if that port is in the list of allowed ports. Verify that the applications are operating properly after the port is removed from the security groups.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by SAPALL at April 20, 2023, 6:49 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Wiss7
Highly Voted 1 year, 7 months ago
Selected Answer: C
simplest / no agents /
upvoted 5 times
...
woorkim
Most Recent 3 months, 1 week ago
C is correct!
upvoted 1 times
...
Raphaello
10 months ago
Selected Answer: C
C is the most logical answer.
upvoted 1 times
...
WherecanIstart
12 months ago
Correct answer is C
upvoted 1 times
...
Marfee400704
12 months ago
I think that it's correct answer is C according to SPOTO products.
upvoted 1 times
...
Arad
1 year, 3 months ago
Selected Answer: C
Correct answer is C.
upvoted 2 times
...
ITgeek
1 year, 9 months ago
Selected Answer: C
Its the simplest C
upvoted 4 times
...
rhinozD
1 year, 9 months ago
Selected Answer: C
I think C is enough to confirm.
upvoted 3 times
...
symplesims
1 year, 9 months ago
For AWS Inspector, an agent is required on the EC2 instances, and it accesses them for security assessments, which can impact the workload. Therefore, wouldn't it be more appropriate to analyze VPC Flow Logs in this situation?
upvoted 2 times
...
Kristin01
1 year, 9 months ago
Selected Answer: C
i think C
upvoted 4 times
...
SAPALL
1 year, 9 months ago
Selected Answer: A
I'll go with a
upvoted 3 times
[Removed]
1 year, 7 months ago
It's C, A requires agents to be installed while option C is agentless.
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago