
Answer-first summary for fast verification
Answer: Create and associate a firewall policy with the Dev folder with a rule to open port 8080. Create and associate a firewall policy with the Prod folder with a rule to deny traffic to port 8080.
The correct approach is to use hierarchical firewall policies, which enforce firewall rules consistently and at scale across the projects within the Dev and Prod folders. Rules defined at the folder level automatically apply to all projects within that folder, which keeps manual configuration and cost to a minimum. Option A implements this by creating a separate firewall policy for each folder, associating it with that folder, and specifying the required rule for port 8080. This makes it an efficient and effective way to manage firewall rules at scale within Google Cloud.
Author: LeetQuiz Editorial Team
In your Google Cloud organization, you have two folders: Dev and Prod. You need a scalable and cost-effective method to uniformly enforce the following firewall rules across all virtual machines (VMs):
• Allow traffic on port 8080 for all VMs in projects under the Dev folder.
• Block all traffic to port 8080 for all VMs in projects under the Prod folder.
What is the recommended approach to achieve this?
A. Create and associate a firewall policy with the Dev folder with a rule to open port 8080. Create and associate a firewall policy with the Prod folder with a rule to deny traffic to port 8080.
B. Create a Shared VPC for the Dev projects and a Shared VPC for the Prod projects. Create a VPC firewall rule to open port 8080 in the Shared VPC for Dev. Create a firewall rule to deny traffic to port 8080 in the Shared VPC for Prod. Deploy VMs to those Shared VPCs.
C. In all VPCs for the Dev projects, create a VPC firewall rule to open port 8080. In all VPCs for the Prod projects, create a VPC firewall rule to deny traffic to port 8080.
D. Use Anthos Config Connector to enforce a security policy to open port 8080 on the Dev VMs and deny traffic to port 8080 on the Prod VMs.