
You have created a new VPC network called Dev with a single subnet. You configured a firewall rule for the Dev network to allow only HTTP traffic and enabled logging.
When attempting to connect to an instance in the subnet using Remote Desktop Protocol (RDP), the login fails. You check Stackdriver Logging for firewall rule logs but find no entries for blocked traffic.
What steps should you take to view the logs for blocked traffic?
A. Check the VPC flow logs for the instance.
B. Try connecting to the instance via SSH, and check the logs.
C. Create a new firewall rule to allow traffic from port 22, and enable logs.
D. Create a new firewall rule with priority 65500 to deny all traffic, and enable logs.
Explanation:
The RDP traffic (TCP port 3389) is blocked by GCP's implied deny-ingress rule, and implied rules do not generate firewall rule logs; logging can only be enabled on explicit firewall rules. To see the blocked connection attempts, an explicit deny rule with logging enabled must exist. Option D creates such a rule with priority 65500 (a large number, so it is evaluated after the higher-priority rules) and enables logs on it. Any ingress traffic not matched by a higher-priority rule (such as the existing HTTP allow rule) then hits this rule and is recorded in the logs. The other options do not solve the problem: C addresses SSH (port 22), not RDP; A relies on VPC flow logs, which the question does not say are enabled; and B switches to SSH without fixing the missing logging for denied traffic.