AWS Certified Developer – Associate (DVA-C02) — Question 479

A developer is building a three-tier application with an Application Load Balancer (ALB), Amazon EC2 instances, and Amazon RDS. There is an alias record in Amazon Route 53 that points to the ALB. When the developer tries to access the ALB from a laptop, the request times out.

Which logs should the developer investigate to verify that the request is reaching the AWS network?

Answer options

• A. VPC Flow Logs
• B. Amazon Route 53 logs
• C. AWS Systems Manager Agent logs
• D. Amazon CloudWatch agent logs

Correct answer: A

Explanation

VPC Flow Logs capture detailed information about the IP traffic going to and from network interfaces in your VPC, making them the ideal tool to verify if the connection request from the laptop is reaching the AWS network. Amazon Route 53 logs only capture DNS query information, not actual network traffic, while AWS Systems Manager Agent and Amazon CloudWatch agent logs reside on the EC2 instances themselves and will not help troubleshoot traffic that may be blocked before reaching the host.