Answer-first summary for fast verification
Answer: Dry run
The question requires enabling VPC Service Controls while allowing perimeter changes without blocking resource access. Dry run mode is specifically designed for this purpose - it logs policy violations for monitoring and testing without actually denying access. This allows organizations to safely test perimeter configurations and understand potential impacts before enforcing restrictions. The community discussion strongly supports this with 100% consensus on option D, citing Google's official documentation that dry run mode 'is used to test perimeter configuration and to monitor usage of services without preventing access to resources.' Other options are incorrect: Cloud Run is a serverless platform, not a VPC SC mode; Native isn't a valid VPC SC mode; Enforced mode would block access to resources that violate the perimeter policy, which contradicts the requirement.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You need to enable VPC Service Controls and allow modifications to existing perimeters without blocking access to resources. Which VPC Service Controls mode should you use?
A
Cloud Run
B
Native
C
Enforced
D
Dry run
No comments yet.