Imagine you're the on-call Site Reliability Engineer (SRE) for a rapidly expanding media company. Your application, hosted on Compute Engine within a custom VPC, handles user traffic globally via HTTPS. Your new challenge is to log all unsuccessful SSH attempts to the GCE instances. What's the best approach to accomplish this?

Real Exam

Establish a firewall rule to block egress traffic on Port 22 from any source to the VPC network and enable logging.

Set up a firewall rule to permit ingress traffic on Port 22 from any source to the VPC network and activate logging.

Implement a firewall rule to deny ingress traffic on Port 22 from any source to the VPC network and turn on logging.

Create a firewall rule to allow egress traffic on Port 22 from any source to the VPC network and enable logging.

Google Professional Cloud DevOps Engineer