Google Associate Cloud Engineer


You are assisting a user in setting up an application within a newly created Virtual Private Cloud (VPC) that is secured by a firewall. The user has expressed concerns regarding data egress and wishes to minimize the number of open egress ports to enhance security. How should you configure the egress rules to achieve this?




Explanation:

The correct answer is A. In Google Cloud VPCs, firewall rules are evaluated by priority, and a rule with a lower priority number takes precedence over one with a higher number. To keep the fewest egress ports open, create a high-priority rule (with a low number like 1000) that allows traffic only on the specific ports the application needs, and a low-priority rule (with a high number like 65534) that blocks all egress traffic. The specific allow rule then overrides the general block-all rule for the necessary ports, and all other egress is denied.