Answer-first summary for fast verification
Answer: 1. Assign a custom network tag to the VM hosting the LDAP server. 2. Establish a firewall rule permitting ingress traffic on UDP port 636 for the tagged VM.
Option A is incorrect because routes are designed for network traffic forwarding between networks, not for managing access to specific ports on a VM. Option B is incorrect as merely tagging a VM does not automatically implement the necessary firewall rules to control traffic. Option C is correct because it involves both tagging the VM and creating a specific firewall rule to allow incoming (ingress) traffic on UDP port 636, ensuring clients can access the LDAP server. Option D is incorrect since it focuses on outgoing (egress) traffic, which does not address the requirement for clients to access the server. For more information, refer to Google Cloud's documentation on [firewalls](https://cloud.google.com/vpc/docs/firewalls), [ingress and egress rules](https://cloud.google.com/vpc-service-controls/docs/ingress-egress-rules), and [routes](https://cloud.google.com/vpc/docs/routes).
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your company is in the process of migrating Active Directory to Google Cloud Platform (GCP). As part of this migration, you've set up an LDAP server on a Compute Engine instance, accessible via TLS on port 636 over UDP. What steps should you take to ensure clients can successfully access this server?
A
Create a route named 'allow-udp-636' with the next hop set to the VM instance hosting the LDAP server.
B
Apply a network tag 'allow-udp-636' to the VM running the LDAP server.
C
D
No comments yet.