
Answer-first summary for fast verification
Answer: 1. Create a single VPC with a subnet for the DMZ and a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public ingress traffic for the DMZ.
The correct answer is A. This option creates a single VPC with separate subnets for the DMZ and the LAN. This configuration allows for easier management and communication between the two subnets without the need for VPC peering. Firewall rules can then open up the relevant traffic between the DMZ and LAN subnets and allow public ingress traffic to the DMZ. Option B can be ruled out because the DMZ needs public ingress traffic enabled, not public egress traffic. Options C and D can be ruled out because creating separate VPCs for the DMZ and the LAN would require VPC peering for communication, adding unnecessary complexity.
Author: LeetQuiz Editorial Team
Your company is transitioning its entire workload to Google Cloud's Compute Engine. In this new cloud-based environment, certain servers must remain accessible via the Internet, while others should only be reachable through the internal network. Additionally, all servers, regardless of their access point, need to communicate with each other using specific ports and protocols. The existing on-premises network setup employs a demilitarized zone (DMZ) for public servers and a Local Area Network (LAN) for private servers. How would you design the networking architecture on Google Cloud to meet these requirements?
A
B
C
D