Explanation:
A is correct because an instance without a public IP address cannot be accessed from the internet, ensuring the service remains internal. B is incorrect as Private Google Access allows instances to reach Google APIs internally but doesn't block internet traffic. C is incorrect because it blocks outgoing traffic, not incoming, and would disrupt internal communications. D is incorrect as it doesn't specifically prevent public internet access, only routes traffic through the VPN.
Ultimate access to all questions.
No comments yet.
As a cloud engineer at a social media app company utilizing a hybrid cloud environment, you're tasked with deploying a new internal service on Compute Engine. This service must be inaccessible from the public internet. Which action ensures this requirement?
A
Deploy the instance without assigning a public IP address.
B
Enable Private Google Access on the instance.
C
Apply a deny-all egress firewall rule to the VPC network.
D
Direct all instance traffic through the VPN tunnel by establishing a GCP route.