A company wants to monitor network traffic in its VPC for security analysis and troubleshooting. Which TWO AWS services can be used to capture and analyze IP traffic information? (Choose TWO.)
Captures and inspects traffic.
Why this answer
Options A and C are correct. VPC Flow Logs capture IP traffic metadata, and AWS Network Firewall can capture and inspect traffic. B is wrong because CloudTrail records API calls, not network traffic.
D is wrong because GuardDuty is a threat detection service that uses flow logs but does not capture them directly. E is wrong because AWS Trusted Advisor provides best practice checks.