
Explanation:
The correct answer is D because firewall rules are evaluated based on their priority, with lower numbers indicating higher priority. The 'deny-all' rule has a priority of 1000, which is higher (numerically lower) than the 'open-ssh' rule's priority of 5000. Therefore, the deny rule takes precedence, blocking the SSH connection.
For more details, refer to the GCP documentation on VPC Firewall Rules – Priority.
Ultimate access to all questions.
No comments yet.
You’ve configured an instance within your new network and subnet, setting up firewall rules targeting all instances in your network. The rules are as follows:
Despite these settings, your SSH connection attempts to the instance are timing out. What is the most probable reason for this issue?
A
The SSH connection is denied, and the instance requires a reboot for the allow rule to become effective.
B
The SSH key has not been properly uploaded to the instance.
C
The firewall rule must be specifically applied to the instance.
D
The SSH connection is denied because the deny rule, having a higher priority, overrides the allow rule.