Your team needs to ensure that only the frontend application can access the backend database, with no network access from other instances. How should the network be designed to achieve this?

Exam-Like

Create an ingress firewall rule to allow access only from the application to the database using firewall tags.

Create a different subnet for the frontend application and database to ensure network isolation.

Create two VPC networks, and connect the two networks using Cloud VPN gateways to ensure network isolation.

Create two VPC networks, and connect the two networks using VPC peering to ensure network isolation.

Google Professional Cloud Security Engineer