AWS Certified Advanced Networking – Specialty (ANS-C00) — Question 146

You need to quickly view inbound traffic to an instance to determine why it isn't reaching the instance properly. What is the best tool for this?

Answer options

• A. Wireshark
• B. CloudWatch
• C. CloudTrail
• D. Flow Logs

Correct answer: D

Explanation

Flow Logs are specifically designed to capture information about the IP traffic going to and from network interfaces in your VPC, making them ideal for diagnosing connectivity issues. Wireshark is a packet analyzer but is not as efficient for cloud environments as Flow Logs. CloudWatch is primarily for monitoring and logging metrics, while CloudTrail focuses on AWS account activity, not network traffic.