Q27 — AWS ANS-C01 Ch.1


A financial trading company is using Amazon EC2 instances to run its trading platform. Part of the company's trading platform includes a third-party pricing service that the EC2 instances communicate with over UDP on port 50000. Recently, the company has had problems with the pricing service. Some of the responses from the pricing service appear to be incorrectly formatted and are not being processed successfully. The third-party vendor requests access to the data that the pricing service is returning. The third-party vendor wants to capture request and response data for debugging by logging in to an EC2 instance that accesses the pricing service. The company prohibits direct access to production systems and requires all log analysis to be performed in a dedicated monitoring account. Which set of steps should a network engineer take to capture the data and meet these requirements?

Correct Answer: C. 1. Configure a traffic mirror filter to capture the UDP data. 2. Configure Traffic Mirroring to capture the traffic for the EC2 instance's elastic network interface. 3. Configure a packet inspection package on a new EC2 instance in the monitoring account. Use the elastic network interface of the new EC2 instance as the target for the traffic mirror. 4. Extract the data by using the packet inspection package. 5. Provide the data to the third-party vendor.

Explanation

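First, configure a traffic mirror filter to capture the UDP data. Next, configure Traffic Mirroring to capture the traffic for the EC2 instance's elastic network interface. Then, configure a new EC2 instance in the monitoring account, use its elastic network interface as the target for the traffic mirror, and extract the data with the packet inspection package. Finally, provide the extracted data to the third-party vendor for debugging. With these steps, the required network traffic data can be captured and analyzed securely and effectively without direct access to production systems.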