Answer-first summary for fast verification
Answer: 1. Create an ingress firewall rule with the following settings: • Targets: all instances with tier #2 service account • Source filter: all instances with tier #1 service account • Protocols: allow TCP:8080 2. Create an ingress firewall rule with the following settings: • Targets: all instances with tier #3 service account • Source filter: all instances with tier #2 service account • Protocols: allow TCP:8080
The correct answer is B. This is because option B creates ingress firewall rules that allow communication between the instances in the different tiers on TCP port 8080, based on their associated service accounts. Specifically, it allows traffic from instances in Tier #1 with the Tier #1 service account to instances in Tier #2 with the Tier #2 service account, and from instances in Tier #2 with the Tier #2 service account to instances in Tier #3 with the Tier #3 service account. This ensures that only the appropriate instances can communicate with each other. In contrast, the other options either open all ports, which is not secure (options A and C), or use egress rules instead of ingress rules (option D), which is not what is required for controlling inbound traffic.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your company operates a 3-tier architecture hosted on Google Cloud's Compute Engine. Each tier is managed with its own service account that is linked to all instances within that specific tier. To ensure proper functionality and seamless communication between the different tiers, you need to configure the network to allow communication over TCP port 8080. The communication requirements are as follows:
What steps should you take to accomplish this configuration?
A
B
C
D