
Answer-first summary for fast verification
Answer: Use firewall rules based on network tags attached to the compute instances
The correct answer is B: Use firewall rules based on network tags attached to the compute instances. This approach allows you to specify which instances can communicate with each other and on which paths and ports, without relying on static IP addresses or subnets. By assigning network tags to your instances, you can dynamically manage firewall rules to control traffic. This is particularly useful in an autoscaling scenario where instances' IP addresses may change frequently.
Author: LeetQuiz Editorial Team
You are managing a web application that runs on several VM instances within a VPC on Google Cloud. To ensure security and efficient networking, you need to restrict communications between these instances to only the authorized paths and ports. Given that the application can autoscale, you want to avoid relying on static IP addresses or subnets. How should you effectively manage and restrict inter-instance communications?
A. Use separate VPCs to restrict traffic
B. Use firewall rules based on network tags attached to the compute instances
C. Use Cloud DNS and only allow connections from authorized hostnames
D. Use service accounts and configure the web application to authorize particular service accounts to have access