Answer-first summary for fast verification
Answer: Deploy the instance without assigning a public IP address.
**A** is correct because an instance without a public IP address cannot be accessed from the internet, ensuring the service remains internal. **B** is incorrect as Private Google Access allows instances to reach Google APIs internally but doesn't block internet traffic. **C** is incorrect because it blocks outgoing traffic, not incoming, and would disrupt internal communications. **D** is incorrect as it doesn't specifically prevent public internet access, only routes traffic through the VPN.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
As a cloud engineer at a social media app company utilizing a hybrid cloud environment, you're tasked with deploying a new internal service on Compute Engine. This service must be inaccessible from the public internet. Which action ensures this requirement?
A
Deploy the instance without assigning a public IP address.
B
Enable Private Google Access on the instance.
C
Apply a deny-all egress firewall rule to the VPC network.
D
Direct all instance traffic through the VPN tunnel by establishing a GCP route.