Explanation:
To analyze incoming traffic and identify the source IP addresses during a suspected denial-of-service attack, VPC Flow Logs are the correct tool as they capture network traffic metadata, including source and destination IPs. Data Access audit logs (options A and D) track configuration changes and API calls, not actual traffic data. Option B suggests using VPC Flow Logs for the subnet, which is correct, but the 'connection' field is not the exact field name—source IPs are in the 'src_ip' field. However, among the provided options, B is the closest valid choice. Option C incorrectly refers to 'src_location' (geographic data, not raw IPs) and has a typo in the VPC reference.
Ultimate access to all questions.
No comments yet.
To investigate potential denial-of-service traffic targeting a VM in your default VPC, which Google Cloud service or method should you use to analyze the source of incoming traffic?
A
Enable Data Access audit logs of the VPC. Analyze the logs and get the source IP addresses from the subnetworks.get field.
B
Enable VPC Flow Logs for the subnet. Analyze the logs and get the source IP addresses from the connection field.
C
Enable VPC Flow Logs for the VPAnalyze the logs and get the source IP addresses from the src_location field.
D
Enable Data Access audit logs of the subnet. Analyze the logs and get the source IP addresses from the networks.get field.