Q11 — AWS ANS-C01 Ch.1
A company’s network engineer needs to design a new solution to help troubleshoot and detect network anomalies. The network engineer has configured Traffic Mirroring. However, the mirrored traffic is overwhelming the Amazon EC2 instance that is the traffic mirror target. The EC2 instance hosts tools that the company’s security team uses to analyze the traffic. The network engineer needs to design a highly available solution that can scale to meet the demand of the mirrored traffic. Which solution will meet these requirements?
- A. Deploy a Network Load Balancer (NLB) as the traffic mirror target. Behind the NLB, deploy a fleet of EC2 instances in an Auto Scaling group. Use Traffic Mirroring as necessary. ✓
- B. Deploy an Application Load Balancer (ALB) as the traffic mirror target. Behind the ALB, deploy a fleet of EC2 instances in an Auto Scaling Group. Use Traffic Mirroring only during non-business hours.
- C. Deploy a Gateway Load Balancer (GLB) as the traffic mirror target. Behind the GLB, deploy a fleet of EC2 instances in an Auto Scaling group. Use Traffic Mirroring as necessary.
- D. Deploy an Application Load Balancer (ALB) with an HTTPS listener as the traffic mirror target. Behind the ALB, deploy a fleet of EC2 instances in an Auto Scaling group. Use Traffic Mirroring only during active events or business hours.
Correct Answer: A. Deploy a Network Load Balancer (NLB) as the traffic mirror target. Behind the NLB, deploy a fleet of EC2 instances in an Auto Scaling group. Use Traffic Mirroring as necessary.
Explanation
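AWS Traffic Mirroring copies network traffic and sends it to a specified target. When the volume of mirrored traffic overloads a single EC2 instance, a load balancer is needed to distribute that traffic across multiple backend instances. A Network Load Balancer (NLB) is a Layer 4 load balancer suited to handling raw TCP/UDP traffic; the typical Traffic Mirroring scenario requires processing network-layer packets directly, and the NLB's high performance and low latency are a better fit for that need. Option A uses an Auto Scaling group to adjust the number of instances dynamically, so backend processing capacity scales automatically with the traffic and the solution is highly available. Among the other options, an ALB is suited to HTTP/HTTPS application-layer traffic (options B and D), and a GLB is mainly used to integrate third-party security appliances (option C); none of them meets Traffic Mirroring's requirement for low-level network processing.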