Explanation:
Option A is incorrect because it applies firewall rules to all instances indiscriminately, not just between the specified tiers, and allows all protocols instead of restricting to TCP on port 8080.
Option B is correct because it precisely targets communication between the specified tiers using their service accounts and restricts the protocol to TCP on port 8080, ensuring secure and specific communication paths.
Option C is incorrect as it allows all protocols between instances, which is not secure and does not meet the requirement of restricting communication to TCP on port 8080.
Option D is incorrect because it uses egress rules and IP ranges instead of service account filters, which are not suitable for controlling inbound traffic between the tiers.
For more information, refer to:
Ultimate access to all questions.
No comments yet.
Your freight tracking application is deployed as a three-tier app on Compute Engine. The current infrastructure is configured with different service accounts for each tier, and communication between tiers occurs on port 8080. You need to modify the network setup to ensure:
A
Create two firewall rules:
B
Create two firewall rules:
C
Create two firewall rules:
D
Create two firewall rules: