AWS Certified Cloud Practitioner (CLF-C02) — Question 304

Which AWS service or feature gives users the ability to capture information about network traffic in a VPC?

Answer options

• A. VPC Flow Logs
• B. Amazon Inspector
• C. VPC route tables
• D. AWS CloudTrail

Correct answer: A

Explanation

VPC Flow Logs is the specific AWS feature designed to capture and log IP traffic information for network interfaces within a VPC. Amazon Inspector is used for automated security assessments and vulnerability scanning, while AWS CloudTrail records API activity rather than packet-level network traffic. VPC route tables control the direction of network traffic but do not capture or log traffic details.