Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. Discussions
  3. Amazon Web Services
  4. AWS Certified Specialty
  5. SCS-C02 Discussions
  6. SCS-C02 Exam Topic 14 Question 131 Discussion
 Amazon Web Services Discussions
Exam SCS-C02 All Questions
Exam SCS-C02 All Questions

View all questions & answers for the SCS-C02 exam

Go to Exam

Amazon Web Services AWS Certified Specialty SCS-C02 Question # 131 Topic 14 Discussion

SCS-C02 Exam Topic 14 Question 131 Discussion:
Question #: 131
Topic #: 14

A company hosts an application on Amazon EC2 that is subject to specific rules for regulatory compliance. One rule states that traffic to and from the workload must be inspected for network-level attacks. This involves inspecting the whole packet.

To comply with this regulatory rule, a security engineer must install intrusion detection software on a c5n.4xlarge EC2 instance. The engineer must then configure the software to monitor traffic to and from the application instances.

What should the security engineer do next?
A.

Place the network interface in promiscuous mode to capture the traffic.

B.

Configure VPC Flow Logs to send traffic to the monitoring EC2 instance using a Network Load Balancer.

C.

Configure VPC traffic mirroring to send traffic to the monitoring EC2 instance using a Network Load Balancer.

D.

Use Amazon Inspector to detect network-level attacks and trigger an IAM Lambda function to send the suspicious packets to the EC2 instance.

Get Premium SCS-C02 Questions
Actual exam question for Amazon Web Services SCS-C02 exam by Echo7779 at May 2, 2026, 9:11:35 PM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit