Answer-first summary for fast verification
Answer: Create a VPC with a private subnet. Assign a private IP address to each database server.
The question explicitly requires preventing any direct communication with the public internet for database servers. Option C creates a VPC with a private subnet and assigns private IP addresses only, which inherently blocks direct internet access as private IPs are not routable from the internet. This aligns with security best practices where databases should be isolated without internet exposure unless specifically required. While some community comments (with upvotes) suggested Option A for indirect internet access via NAT, the question does not mention any need for internet connectivity—it only emphasizes preventing direct access. Options B and D involve public IPs or static public IPs, which violate the 'no direct communication' requirement. The highest upvoted comments and consensus favor C for strict adherence to the security requirement without assuming unstated internet needs.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You need to create a secure, private network in Google Cloud for database servers that prevents any direct access to or from the public internet. What is the correct approach?
A
Assign a private IP address to each database server. Use a NAT gateway to provide internet connectivity to the database servers.
B
Assign a static public IP address to each database server. Use firewall rules to restrict external access.
C
Create a VPC with a private subnet. Assign a private IP address to each database server.
D
Assign both a private IP address and a public IP address to each database server.
No comments yet.