Your company has deployed compute resources in VPCs within the Development Project, with applications running on GCE Instances across three VPCs. A new security mandate requires sampling network flows to and from these VM instances. Which solution best meets this requirement?

Real Exam

Enable VPC Flow Logs in the subnets hosting the instances to sample network traffic.

Configure a Logs Sink with an inclusion filter to sample VPC traffic, post enabling VPC Flow Logs.

Activate Firewall logs for rules impacting instances in the VPCs to capture allowed or denied traffic.

Install the FluentD agent on instances for forwarding application logs to Cloud Logging, unrelated to network traffic.

Google Professional Cloud DevOps Engineer