Google Professional Cloud Security Engineer
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
You need to configure a Cloud Interconnect connection between your on-premises data center and a Google Cloud VPC network. The requirement is to ensure on-premises applications access Google APIs exclusively through the Cloud Interconnect, not the public internet, and only use APIs supported by VPC Service Controls to mitigate data exfiltration risks. How should you design the network configuration?
A
Enable Private Google Access on the regional subnets and global dynamic routing mode.
B
Create a CNAME to map .googleapis.com to restricted.googleapis.com, and create A records for restricted.googleapis.com mapped to 199.36.153.8/30.
C
Use private.googleapis.com to access Google APIs using a set of IP addresses only routable from within Google Cloud, which are advertised as routes over the connection.
D
Use restricted googleapis.com to access Google APIs using a set of IP addresses only routable from within Google Cloud, which are advertised as routes over the Cloud Interconnect connection.