
Answer-first summary for fast verification
Answer: Use Firewall Insights, and enable insights for Overly permissive rules.
To efficiently review Cloud NGFW configurations for overly permissive ingress rules without manual intervention, the optimal solution is to utilize Firewall Insights. This feature is specifically designed to identify and highlight overly permissive rules, such as those allowing traffic from the internet (0.0.0.0/0), thereby automating the review process. Option A suggests a manual approach, which is not in line with the requirement to avoid manual work. Option C, while useful for testing connectivity, does not provide a direct means to audit firewall configurations. Option D, involving Network Analyzer insights, offers a broader network analysis but may not specifically focus on identifying overly permissive firewall rules as effectively as Firewall Insights.
Author: LeetQuiz Editorial Team
How can you automatically review your Google Cloud Next Generation Firewall (Cloud NGFW) configurations to verify that no rules permit inbound internet traffic to your VMs and services, minimizing manual effort?
A. Export all your Cloud NGFW rules into a CSV file and search for 0.0.0.0/0.
B. Use Firewall Insights, and enable insights for Overly permissive rules.
C. Run Connectivity Tests from multiple external sources to confirm that traffic is not allowed to ingress to your most critical services in Google Cloud.
D. Review Network Analyzer insights on the VPC network category.