Answer-first summary for fast verification
Answer: Create an allow on match ingress firewall rule with the target tag “web-server” to allow all IP addresses for TCP ports 80 and 443.
The question requires allowing inbound (ingress) traffic to web servers for HTTP (TCP port 80) and HTTPS (TCP port 443). Firewall rules in Google Cloud are stateful, meaning allowing ingress on these ports will automatically permit related return traffic via egress. Options A and C are ingress rules. Since the requirement includes both HTTP and HTTPS, option C (allowing both ports 80 and 443) is correct. Egress rules (B, D) are irrelevant here as they control outbound traffic, not inbound. Thus, the correct answer is C.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
To restrict inbound traffic to your web servers in a VPC to only HTTP and HTTPS over TCP for security purposes, what firewall rule configuration should you implement?
A
Create an allow on match ingress firewall rule with the target tag “web-server” to allow all IP addresses for TCP port 80.
B
Create an allow on match egress firewall rule with the target tag “web-server” to allow all IP addresses for TCP port 80.
C
Create an allow on match ingress firewall rule with the target tag “web-server” to allow all IP addresses for TCP ports 80 and 443.
D
Create an allow on match egress firewall rule with the target tag “web-server" to allow web server IP addresses for TCP ports 80 and 443.
No comments yet.