You are troubleshooting an intermittently failing application in your Google Cloud network, where low-volume packets sent from a Compute Engine VM to an on-premises destination via Cloud Interconnect VLAN attachments may be getting lost. You've confirmed that Cloud NGFW rules contain no egress deny statements and no explicit allow rules. To diagnose whether packets are correctly leaving the VM per Google's best practices, what action should you take?

Exam-Like

Create a packet mirroring policy that is configured with your VM as the source and destined to a collector. Analyze the packet captures.

22.2%

Enable VPC Flow Logs on the subnet that the VM is deployed in with SAMPLE_RATE = 1.0, and run a query in Logs Explorer to analyze the packet flow._

33.3%

Verify the network/attachment/egress_dropped_packets_count Cloud Interconnect VLAN attachment metric._

22.2%

Enable Firewall Rules Logging on your firewall rules and review the logs.

22.2%

Google Professional Cloud Network Engineer