Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 154 discussion

A company hosts a web application that runs on a fleet of Amazon EC2 instances behind an Application Load Balancer (ALB). The instances are in an Auto Scaling group. The company uses an Amazon CloudFront distribution with the ALB as an origin.

The application recently experienced an attack. In response, the company associated an AWS WAF web ACL with the CloudFront distribution. The company needs to use Amazon Athena to analyze application attacks that AWS WAF detects.

Which solution will meet this requirement?

  • A. Configure the ALB and the EC2 instance subnets to produce VPC flow logs. Configure the VPC flow logs to deliver logs to an Amazon S3 bucket for log analysis.
  • B. Create a trail in AWS CloudTrail to capture data events. Configure the trail to deliver logs to an Amazon S3 bucket for log analysis.
  • C. Configure the AWS WAF web ACL to deliver logs to an Amazon Kinesis Data Firehose delivery stream. Configure the stream to deliver the data to an Amazon S3 bucket for log analysis.
  • D. Turn on access logging for the ALB. Configure the access logs to deliver the logs to an Amazon S3 bucket for log analysis.
Suggested Answer: C

Comments

Neo00
Highly Voted 1 year, 3 months ago
Selected Answer: C
C To send logs to Amazon Kinesis Data Firehose, you send logs from your web ACL to an Amazon Kinesis Data Firehose with a configured storage destination. After you enable logging, AWS WAF delivers logs to your storage destination through the HTTPS endpoint of Kinesis Data Firehose.
upvoted 5 times
JoseCC
1 year, 3 months ago
C Correct. https://aws.amazon.com/blogs/security/trimming-aws-waf-logs-with-amazon-kinesis-firehose-transformations/
upvoted 2 times
[Removed]
Most Recent 7 months ago
The big thing here is that according to the scenario the WAF is attached to CloudFront, so looking at ALB is "too late" ;) With this being said it can only be C
upvoted 3 times
vikasj1in
9 months ago
Selected Answer: C
Options A and D suggest using VPC flow logs and ALB access logs, respectively. While these logs are valuable for specific purposes (network analysis and access patterns), they do not capture the detailed information about web requests and attacks that are logged by AWS WAF. Option B involves AWS CloudTrail, which is more focused on auditing API calls rather than capturing detailed web request information. Therefore, for analyzing application attacks detected by AWS WAF, configuring AWS WAF logs to be delivered to an Amazon Kinesis Data Firehose stream is the recommended approach.
upvoted 3 times
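
The analysis that option C enables, sketched locally as an added example (not part of the original discussion): it reads one Firehose-delivered S3 object of AWS WAF log records and counts BLOCK actions per rule and client IP, the same grouping an Athena query would do. The field names (`action`, `terminatingRuleId`, `httpSourceName`, `httpRequest.clientIp`) follow the AWS WAF log format; the rule names, IP addresses and sample records are constructed.

```python
import json
from collections import Counter


def _rec(action, rule, ip, uri, source="CF"):
    """Build one constructed WAF log record (values are made up)."""
    return json.dumps({
        "timestamp": 1700000000000,
        "action": action,
        "terminatingRuleId": rule,
        "httpSourceName": source,  # "CF" = request seen at CloudFront
        "httpRequest": {"clientIp": ip, "uri": uri, "httpMethod": "POST"},
    })


# Constructed S3 object body: some records are newline-separated, two sit
# back-to-back with no delimiter, so the reader has to handle both layouts.
SAMPLE_OBJECT = (
    _rec("BLOCK", "SQLiRule", "198.51.100.7", "/login") + "\n"
    + _rec("ALLOW", "Default_Action", "192.0.2.10", "/")
    + _rec("BLOCK", "SQLiRule", "198.51.100.7", "/search") + "\n"
    + _rec("BLOCK", "RateLimit", "203.0.113.9", "/login") + "\n"
)


def iter_records(blob):
    """Yield JSON objects from a blob, newline-delimited or concatenated."""
    decoder = json.JSONDecoder()
    pos, end = 0, len(blob)
    while pos < end:
        while pos < end and blob[pos].isspace():  # raw_decode won't skip this
            pos += 1
        if pos >= end:
            break
        record, pos = decoder.raw_decode(blob, pos)
        yield record


def summarize_blocks(blob, source="CF"):
    """Count BLOCK actions per (rule, client IP) for one HTTP source."""
    hits = Counter()
    for rec in iter_records(blob):
        if rec.get("action") != "BLOCK" or rec.get("httpSourceName") != source:
            continue
        ip = rec.get("httpRequest", {}).get("clientIp")
        hits[(rec.get("terminatingRuleId"), ip)] += 1
    return hits.most_common()


if __name__ == "__main__":
    for (rule, ip), count in summarize_blocks(SAMPLE_OBJECT):
        print(f"{count:>3}  {rule:<12} {ip}")
```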
ISSDoksim
1 year, 3 months ago
agreed - C
upvoted 3 times