
Answer-first summary for fast verification
Answer: Create a new project and a VPC for the security team. Peer the new VPC with the web servers’ VPC in the prod-servers project. Create an internal load balancer and the IDS system in both us-east1 and us-west1. Enable Packet Mirroring, and create packet mirroring policies inside the new project.
The correct approach involves using VPC peering and Packet Mirroring. Option A correctly sets up a new project for the security team, peers it with the prod-servers' VPC, deploys IDS in both regions with internal load balancers, and configures Packet Mirroring policies in the security project. This allows the IDS to inspect traffic from both regions efficiently. Option D's use of Shared VPC would require relocating web servers and places the IDS in only one region, which is less optimal. The IP forwarding approach in options B and C is error-prone and doesn't ensure traffic inspection.
Author: LeetQuiz Editorial Team
Your web servers are running in both us-east1 and us-west1 regions within the prod-servers project. The security team intends to deploy an intrusion detection system (IDS) in their own Google Cloud project to monitor incoming network traffic. What steps should you take to enable this?
A
Create a new project and a VPC for the security team. Peer the new VPC with the web servers’ VPC in the prod-servers project. Create an internal load balancer and the IDS system in both us-east1 and us-west1. Enable Packet Mirroring, and create packet mirroring policies inside the new project.
B
Create a host project and a Shared VPC for the security team. Make prod-servers a service project, and relocate the web servers to shared subnets in both regions. Enable IP forwarding on all the web servers. Create the IDS system in a non-shared subnet of us-east1 or us-west1. Configure the web servers to forward the packets to the IDS system.
C
Create a new project and a VPC for the security team. Peer the new VPC with the web servers’ VPC in the prod-servers project. Enable IP forwarding on all the web servers. Install the IDS system in both us-east1 and us-west1. Configure the web servers to forward the packets to the IDS system.
D
Create a host project and a Shared VPC for the security team. Make prod-servers a service project, and relocate the web servers to shared subnets in both regions. Create an internal load balancer and the IDS system in a subnet in either us-east1 or us-west1. Enable Packet Mirroring, and create a packet mirroring policy inside the host project.