Q442. A company is running an application in a single VPC on an Amazon EC2 instance with Amazon RDS as the datastore.The application does not support encryption in transit Security guidelines do not allow SSH access to any resource within the VPC.The Application has issues throughout the day which causes outages in the production environment. The issues are not present in
Nonproduction environments Application logs have been given to a vendor to troubleshoot the application.The vendor also requires IP packets for its analysis. Which solution allows for the IP packets to be extracted for troubleshooting?
A.Create a VPC traffic mirror source on the application instance's elastic network interface with a filter that captures all traffic.Configure the traffic mirror target to use an Amazon S3 bucket Start the traffic mirror session and download the packet capture from Amazon S3.Provide the packet capture to the vendor. B.Create a VPC traffic mirror source on the application instance's elastic network interface with a filter that captures all traffic Launch a new EC2 instance and configure the traffic minor target to use the elastic network interface of the new EC2 instance.Start the traffic mirror session and download the packet capture from the new EC2 instance using AWS Systems Manager Provide the packet capture to the vendor. C.Enable VPC Flow Logs on the application instance's elastic network interface and send them to Amazon CloudWatch LogsDownload the CloudWatch logs and provide them to me vendor D.Enable VPC Flow Logs on the VPC to capture traffic flows on from the application instance and the RDS instance and send them to Amazon CloudWatch Logs Download the CloudWatch logs and provide them to the vendor正确答案B
