Answer-first summary for fast verification
Answer: SSH access would be permitted as the allow rule takes precedence over the deny rule.
The correct answer is **B** because firewall rules are applied based on their priority. The allow rule, with a higher priority (lower numerical value) of 1000, overrides the deny rule, which has a priority of 5000. Therefore, SSH access is allowed. This behavior is in line with Google Cloud Platform's documentation on VPC Firewall Rules, which states that the highest priority rule applicable to a target for a given type of traffic takes precedence, regardless of target specificity or the generality of the protocol and port definition. Options A, C, and D are incorrect as SSH access would indeed be allowed under these rules.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
You have configured an instance within your new network and subnet, and established the following firewall rules targeting all instances in your network:
What would be the outcome if you attempt to SSH into the instance?
A
SSH access would be denied, requiring the execution of the gcloud firewall refresh command for the allow rule to become effective.
B
SSH access would be permitted as the allow rule takes precedence over the deny rule.
C
SSH access would be denied because the deny rule overrides the allow rule.
D
SSH access would be denied, necessitating a reboot of the instance for the allow rule to take effect.