You are auditing network segmentation in your Google Cloud environment, which has separate Production and Non-Production IaaS environments. All VM instances use the default service account configuration. You observe that all instances in your custom VPC network can communicate freely, even though tag-based firewall rules with a priority of 1000 are in place to enforce segmentation. What are the most likely reasons for this behavior?

Exam-Like

All VM instances are missing the respective network tags.

All VM instances are residing in the same network subnet.

All VM instances are configured with the same network route.

A VPC firewall rule is allowing traffic between source/targets based on the same service account with priority 999. E . A VPC firewall rule is allowing traffic between source/targets based on the same service account with priority 1001.

Google Professional Cloud Security Engineer

Get started today

Comments