AWS Certified Advanced Networking – Specialty (ANS-C01) — Question 222
A network engineer needs to provide a list of IP addresses that are sending traffic to an Amazon EC2 instance. VPC flow logs are enabled. The EC2 instance has a single network interface and two assigned IP addresses. However, the flow logs are logging traffic only for the primary IP address. The network engineer needs to determine whether any traffic is being sent to the second IP address of the EC2 instance.
What should the network engineer do to locate the traffic flow for the second IP address?
Answer options
- A. Create a new flow log that includes the pkt-dstaddr field to capture the original destination IP address of the traffic.
- B. Create a new flow log that includes the dstaddr field to capture the original destination IP address of the traffic.
- C. Create a new flow log that includes the pkt-srcaddr field to capture the original destination IP address of the traffic.
- D. Create a new flow log that includes the srcaddr field to capture the original destination IP address of the traffic.
Correct answer: A
Explanation
The correct answer is A because the pkt-dstaddr field captures the original (packet-level) destination IP address of each packet, which is what is needed to track traffic sent to the second IP address. Option B does not help: when a network interface has multiple IPv4 addresses, the dstaddr field always shows the interface's primary private IPv4 address for incoming traffic, so it cannot distinguish traffic to the secondary address. Options C and D use pkt-srcaddr and srcaddr, which record source addresses rather than the destination.
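The difference between dstaddr and pkt-dstaddr, shown on parsed records. This is an added example, not part of the original question; the custom format string, the interface ID and all addresses are constructed sample values (primary 10.0.0.10, secondary 10.0.0.11).

```python
from collections import defaultdict

# Assumed custom flow log format; every name is a documented VPC Flow Logs field.
LOG_FORMAT = ("${interface-id} ${srcaddr} ${dstaddr} ${pkt-srcaddr} "
              "${pkt-dstaddr} ${dstport} ${flow-direction} ${action}")

# Constructed sample records for one ENI with two private IPv4 addresses.
# The last line mimics a record with no data ("-" in every field).
SAMPLE = """\
eni-0example 203.0.113.5 10.0.0.10 203.0.113.5 10.0.0.10 443 ingress ACCEPT
eni-0example 198.51.100.7 10.0.0.10 198.51.100.7 10.0.0.11 443 ingress ACCEPT
eni-0example 203.0.113.5 10.0.0.10 203.0.113.5 10.0.0.11 22 ingress REJECT
eni-0example 10.0.0.10 198.51.100.7 10.0.0.11 198.51.100.7 443 egress ACCEPT
eni-0example - - - - - - -
"""

def field_names(fmt):
    """Turn '${srcaddr} ${dstaddr}' into ['srcaddr', 'dstaddr']."""
    return [token[2:-1] for token in fmt.split()]

def parse(text, fmt=LOG_FORMAT):
    """Yield one dict per well-formed record, keyed by field name."""
    names = field_names(fmt)
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == len(names):  # skip blank or malformed lines
            yield dict(zip(names, parts))

def senders_by(text, dst_field, fmt=LOG_FORMAT):
    """Group original senders of inbound traffic by the chosen destination field."""
    grouped = defaultdict(set)
    for rec in parse(text, fmt):
        # Only inbound flows with real data answer "who is sending to this IP?"
        if rec["flow-direction"] != "ingress" or rec[dst_field] == "-":
            continue
        grouped[rec[dst_field]].add(rec["pkt-srcaddr"])
    return {dst: sorted(srcs) for dst, srcs in grouped.items()}

if __name__ == "__main__":
    # dstaddr collapses everything onto the primary address.
    print("by dstaddr:    ", senders_by(SAMPLE, "dstaddr"))
    # pkt-dstaddr separates traffic aimed at the secondary address.
    print("by pkt-dstaddr:", senders_by(SAMPLE, "pkt-dstaddr"))
```

Grouping by dstaddr reports only the primary address, while grouping by pkt-dstaddr lists the senders that targeted 10.0.0.11, including the rejected flow.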