Winter Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Bigtest65

Discussions
  1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Specialty
  5. ANS-C01 Discussions
  6. ANS-C01 Exam Topic 8 Question 70 Discussion
 Amazon Web Services Discussions
Exam ANS-C01 All Questions
Exam ANS-C01 All Questions

View all questions & answers for the ANS-C01 exam

Go to Exam

Amazon Web Services AWS Certified Specialty ANS-C01 Question # 70 Topic 8 Discussion

ANS-C01 Exam Topic 8 Question 70 Discussion:
Question #: 70
Topic #: 8

A company has a transit gateway in a single AWS account. The company sends flow logs for the transit gateway to an Amazon CloudWatch Logs log group.

The company created an AWS Lambda function to analyze the logs. The Lambda function sends a notification to an Amazon Simple Notification Service (Amazon SNS) topic when a VPC generates traffic that is dropped by the transit gateway. Each notification contains the account ID. VPC ID, and total amount of dropped packets.

The company wants to subscribe a new Lambda function to the SNS topic. The new Lambda function must automatically prevent the traffic that is identified in each notification from leaving a VPC by applying a network ACL to the transit gateway attachment subnets in the VPC that generates the traffic.

Which solution will meet these requirements?
A.

Configure the existing Lambda function to add the destination IP addresses of the dropped traffic to each SNS notification. Configure the new Lambda function to create an outbound rule by using the destination IP addresses in the network ACL.

B.

Configure the existing Lambda function to add the source IP addresses of the dropped traffic to each SNS notification. Configure the new Lambda function to create an inbound rule by using the source IP addresses in the network ACL.

C.

Configure the existing Lambda function to add the source IP addresses of the dropped traffic to each SNS notification. Configure the new Lambda function to create an outbound rule by using the source IP addresses in the network ACL.

D.

Configure the existing Lambda function to add the destination IP addresses of the dropped traffic to each SNS notification. Configure the new Lambda function to create an inbound rule by using the destination IP addresses in the network ACL.

Get Premium ANS-C01 Questions
Actual exam question for Amazon Web Services ANS-C01 exam by Orion99984 at Dec 31, 2025, 12:00:16 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit