AWS Certified Advanced Networking – Specialty (ANS-C00) — Question 7

You have a three-tier web application with separate subnets for Web, Applications, and Database tiers. Your CISO suspects your application will be the target of malicious activity. You are tasked with notifying the security team in the event your application is port scanned by external systems.
Which two AWS services could you leverage to build an automated notification system? (Choose two.)

Answer options

Correct answer: B, D

Explanation

Using VPC Flow Logs allows you to capture information about the IP traffic going to and from network interfaces in your VPC, which can help detect port scanning activities. AWS Lambda can be utilized to automate the notification process by triggering alerts based on the data captured in VPC Flow Logs. The other options, while useful for different purposes, do not directly provide the same capability for detecting and responding to port scans.
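The detection described above, as an added example that is not part of the exam material: a Lambda-style handler that parses default (version 2) VPC Flow Log records delivered through a CloudWatch Logs subscription and flags any source whose REJECTed flows hit many distinct destination ports. The field layout is the documented default format; the sample records, the addresses (documentation ranges), the threshold, and the helper names are constructed for illustration, and the SNS publish step is left out.

```python
import base64, gzip, json
from collections import defaultdict

# Default (version 2) VPC Flow Log field order.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# Constructed sample records: one external host (203.0.113.9) probing 12 ports on a
# web-tier host, all REJECTed by the security group, plus ordinary accepted traffic.
SAMPLE_RECORDS = [
    f"2 123456789012 eni-0a1b2c3d 203.0.113.9 10.0.1.10 {40000 + p} {p} 6 1 40 "
    f"1700000000 1700000060 REJECT OK"
    for p in (21, 22, 23, 25, 80, 110, 143, 443, 445, 3306, 3389, 8080)
] + [
    "2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.10 51234 443 6 20 4000 1700000000 1700000060 ACCEPT OK",
    "2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.10 51235 443 6 18 3800 1700000010 1700000070 ACCEPT OK",
]

def parse_record(line):
    """Map one space-separated flow log record to a dict; None if malformed."""
    parts = line.split()
    if len(parts) != len(FIELDS) or parts[0] != "2":
        return None
    return dict(zip(FIELDS, parts))

def find_port_scanners(records, min_ports=10):
    """Return {srcaddr: sorted distinct dst ports} for every source whose REJECTed
    flows touched at least min_ports distinct destination ports (threshold is arbitrary)."""
    rejected = defaultdict(set)
    for line in records:
        rec = parse_record(line)
        if rec and rec["action"] == "REJECT" and rec["log_status"] == "OK":
            rejected[rec["srcaddr"]].add(int(rec["dstport"]))
    return {src: sorted(ports) for src, ports in rejected.items() if len(ports) >= min_ports}

def encode_subscription_event(lines):
    """Build the base64+gzip payload shape a CloudWatch Logs subscription sends (for local tests)."""
    body = json.dumps({"logEvents": [{"message": m} for m in lines]}).encode()
    return {"awslogs": {"data": base64.b64encode(gzip.compress(body)).decode()}}

def lambda_handler(event, context):
    """Decode the subscription payload, run the heuristic, and return findings;
    a real deployment would publish non-empty findings to an SNS topic."""
    payload = json.loads(gzip.decompress(base64.b64decode(event["awslogs"]["data"])))
    lines = [e["message"] for e in payload.get("logEvents", [])]
    return {"suspected_scanners": find_port_scanners(lines)}
```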