Answer-first summary for fast verification
Answer: Cloud NAT
The correct answer is Cloud NAT (B) because it allows VMs without public IP addresses to access the internet for outbound connections while preventing unsolicited inbound connections, thus reducing the attack surface. Cloud NAT provides a managed Network Address Translation service that enables private instances to reach external services without requiring individual public IPs. Google Cloud Armor (A) is a DDoS protection and web application firewall service, not for reducing public IP usage. Cloud Router (C) is for dynamic route exchange in hybrid networks. Cloud VPN (D) is for secure connectivity between on-premises and cloud networks, not for internet egress.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
During a security assessment, you identify that multiple VMs require public IP addresses to communicate with external sites as part of normal business operations. What should you recommend to minimize the reliance on public IP addresses for these VMs?
A
Google Cloud Armor
B
Cloud NAT
C
Cloud Router
D
Cloud VPN
No comments yet.