
Answer-first summary for fast verification
Answer: Implement a firewall rule to permit incoming traffic on Port 22 from the company network to the VPC network and activate logging.
Option A is incorrect because the rule must permit, not block, incoming (ingress) traffic; a deny rule would stop the SSH connections, so there would be no successful connections to log. Option B is correct: it creates a firewall rule that allows incoming (ingress) traffic on port 22 (SSH) and enables logging, so the connections the rule allows are recorded in Cloud Logging. Options C and D are incorrect because the focus should be on incoming (ingress) traffic, not outgoing (egress) traffic. For more details, refer to the Google Cloud documentation on firewall rules logging: [https://cloud.google.com/vpc/docs/firewall-rules-logging](https://cloud.google.com/vpc/docs/firewall-rules-logging).
Author: LeetQuiz Editorial Team
As the on-call Site Reliability Engineer (SRE) for a betting company, you are overseeing an application hosted on the App Engine flexible environment within a custom VPC. This application is accessible globally via HTTPS. Your task is to log all successful SSH connections to the Google Compute Engine (GCE) instances originating from the company's network. What is the best approach to accomplish this?
A. Establish a firewall rule to block incoming traffic on Port 22 from the company network to the VPC network and enable logging.
B. Implement a firewall rule to permit incoming traffic on Port 22 from the company network to the VPC network and activate logging.
C. Set up a firewall rule to block outgoing traffic on Port 22 from the company network to the VPC network and enable logging.
D. Create a firewall rule to allow outgoing traffic on Port 22 from the company network to the VPC network and activate logging.