
Your company's resource hierarchy includes a parent folder with department-specific subfolders. Each department creates its own project and VPC within its assigned folder and has permissions to manage Google Cloud firewall rules. You must prevent all inter-VPC traffic while delegating intra-VPC firewall rule management to each department. What is the correct approach to achieve this?
A
Create a VPC firewall rule in each VPC to block traffic from any source, with priority 0.
B
Create a VPC firewall rule in each VPC to block traffic from any source, with priority 1000.
C
Create two hierarchical firewall policies per department's folder with two rules in each: a high-priority rule that matches traffic from the private CIDRs assigned to the respective VPC and sets the action to allow, and another lower-priority rule that blocks traffic from any other source.
D
Create two hierarchical firewall policies per department's folder with two rules in each: a high-priority rule that matches traffic from the private CIDRs assigned to the respective VPC and sets the action to goto_next, and another lower-priority rule that blocks traffic from any other source.