You have two Google Cloud projects within a VPC Service Controls perimeter to prevent data exfiltration. A third project needs to be added to the perimeter, but this change may adversely affect the existing environment. How should you assess the potential impact before proceeding?

Exam-Like

Explanation:

VPC Service Controls (VPC SC) dry run mode allows you to test the impact of adding a project to a service perimeter without enforcing the restrictions. This enables monitoring of potential violations that would occur if the project were fully added. Options A and D relate to network traffic logging (Firewall Rules and Flow Logs), which don't directly assess VPC SC policy impacts. Option C monitors Resource Manager audit logs, which track administrative changes but not service access violations. Thus, B is the correct choice for validating the impact before enforcing the change.

Powered ByGPT-5

Google Professional Cloud Network Engineer

Get started today

Google Professional Cloud Network Engineer

Get started today

You have two Google Cloud projects within a VPC Service Controls perimeter to prevent data exfiltration. A third project needs to be added to the perimeter, but this change may adversely affect the existing environment. How should you assess the potential impact before proceeding?