Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Associate Cloud Engineer Exam - Topic 10 Question 64 Discussion

Your company has a 3-tier solution running on Compute Engine. The configuration of the current infrastructure is shown below.Each tier has a service account that is associated with all instances within it. You need to enable communication on TCP port 8080 between tiers as follows:* Instances in tier #1 must communicate with tier #2.* Instances in tier #2 must communicate with tier #3.What should you do?
D) 1. Create an egress firewall rule with the following settings:* Targets: all instances* Source filter: IP ranges (with the range set to 10.0.2.0/24)* Protocols: allow TCP: 80802. Create an egress firewall rule with the following settings:* Targets: all instances* Source filter: IP ranges (with the range set to 10.0.1.0/24)* Protocols: allow TCP: 8080
A) 1. Create an ingress firewall rule with the following settings:* Targets: all instances* Source filter: IP ranges (with the range set to 10.0.2.0/24)* Protocols: allow all2. Create an ingress firewall rule with the following settings:* Targets: all instances* Source filter: IP ranges (with the range set to 10.0.1.0/24)* Protocols: allow all
B) 1. Create an ingress firewall rule with the following settings:* Targets: all instances with tier #2 service account* Source filter: all instances with tier #1 service account* Protocols: allow TCP:80802. Create an ingress firewall rule with the following settings:* Targets: all instances with tier #3 service account* Source filter: all instances with tier #2 service account* Protocols: allow TCP: 8080
C) 1. Create an ingress firewall rule with the following settings:* Targets: all instances with tier #2 service account* Source filter: all instances with tier #1 service account* Protocols: allow all2. Create an ingress firewall rule with the following settings:* Targets: all instances with tier #3 service account* Source filter: all instances with tier #2 service account* Protocols: allow all

Google Associate Cloud Engineer Exam - Topic 10 Question 64 Discussion

Actual exam question for Google's Associate Cloud Engineer exam
Question #: 64
Topic #: 10
[All Associate Cloud Engineer Questions]

Your company has a 3-tier solution running on Compute Engine. The configuration of the current infrastructure is shown below.

Each tier has a service account that is associated with all instances within it. You need to enable communication on TCP port 8080 between tiers as follows:

* Instances in tier #1 must communicate with tier #2.

* Instances in tier #2 must communicate with tier #3.

What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: D

gcloud deployment-manager deployments create creates deployments based on the configuration file. (Infrastructure as code). All the configuration related to the artifacts is in the configuration file. This command correctly creates a cluster based on the provided cluster.yaml configuration file.

Ref:https://cloud.google.com/sdk/gcloud/reference/deployment-manager/deployments/create


by Cecilia at Feb 05, 2023, 06:35 AM

Limited Time Offer

25%

Off

Get Premium Associate Cloud Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Reena
7 months ago
C seems like a bad idea, allowing all protocols is risky!
upvoted 0 times
...
Tracey
7 months ago
Totally agree with B, it’s more secure with service accounts.
upvoted 0 times
...
Helaine
7 months ago
Surprised that D is even an option, egress rules won't work here!
upvoted 0 times
...
Shayne
8 months ago
I think A is too permissive, it allows all protocols.
upvoted 0 times
...
Beckie
8 months ago
B is the right choice for tier communication on TCP 8080.
upvoted 0 times
...
Rodolfo
8 months ago
I recall that egress rules are for outbound traffic, so option D doesn't seem right for this scenario. We definitely need to focus on ingress rules for tier communication.
upvoted 0 times
...
Layla
8 months ago
I practiced a similar question where we had to set up communication between different tiers. I think option C could work, but I'm not confident about allowing all protocols.
upvoted 0 times
...
Rashida
8 months ago
I'm not entirely sure, but I feel like ingress rules are what we need here. I think option A allows all traffic, which might not be secure enough.
upvoted 0 times
...
Stefania
8 months ago
I remember we discussed the importance of using service accounts for firewall rules. I think option B might be the right choice since it specifies the service accounts for each tier.
upvoted 0 times
...
Elina
8 months ago
Hmm, I'm a little confused on this one. I was thinking it might be D - all types except Not Applicable, since those are the ones that don't really need much explanation. But I'm not totally sure.
upvoted 0 times
...
Chantay
8 months ago
Personalization is definitely the way to go. Segmenting your email list allows you to craft more targeted and relevant messages for each group, which should lead to better engagement and results.
upvoted 0 times
...
Gladys
8 months ago
Okay, let me see if I can break this down. The key seems to be understanding why the "New Contact from Same Company" option is disabled. I'll try to eliminate the options one by one.
upvoted 0 times
...
Socorro
8 months ago
If I recall correctly, the value can be anything, but I'm unsure about what specific types are not allowed for keys. This is tricky!
upvoted 0 times
...
Nada
1 year ago
Option B is the way to go, unless you want to open up your entire network to the world. I mean, who needs security these days, right? Yolo!
upvoted 0 times
Royal
12 months ago
Definitely, we don't want to compromise security just for convenience. Yolo is not the way to go here.
upvoted 0 times
...
Stefania
12 months ago
Yeah, Option B seems to be the most secure way to enable communication between the tiers.
upvoted 0 times
...
Eladia
1 year ago
I think Option B is the best choice for security.
upvoted 0 times
...
...
Avery
1 year ago
Option D? Really? Egress rules? That's just silly. Clearly, Option B is the correct answer here.
upvoted 0 times
Ressie
12 months ago
Let's go with Option B then. It makes the most sense for this scenario.
upvoted 0 times
...
Loreta
12 months ago
Definitely, Option B is the correct answer for enabling communication between the tiers.
upvoted 0 times
...
Vinnie
12 months ago
I agree, Option B seems to be the right choice.
upvoted 0 times
...
Isabelle
12 months ago
Option D? Really? Egress rules? That's just silly.
upvoted 0 times
...
Dean
12 months ago
Definitely, Option B ensures the communication flow between the tiers as required.
upvoted 0 times
...
Galen
1 year ago
Creating ingress rules for communication between tiers makes more sense.
upvoted 0 times
...
Jina
1 year ago
I agree, Option B seems to be the correct answer.
upvoted 0 times
...
Martha
1 year ago
Option D? Really? Egress rules? That's just silly.
upvoted 0 times
...
...
Osvaldo
1 year ago
Option C seems a bit overkill by allowing all protocols. I'd go with Option B to keep things more specific.
upvoted 0 times
Jess
1 year ago
Yeah, Option B is definitely the better choice for this scenario.
upvoted 0 times
...
Izetta
1 year ago
I agree, Option B seems more targeted and specific.
upvoted 0 times
...
...
Leigha
1 year ago
Option B looks good, but I'm not sure if allowing all protocols is necessary. Maybe we can limit it to just TCP:8080 for both rules.
upvoted 0 times
...
Jeanice
1 year ago
Hmm, this seems straightforward. I think option B is the way to go, as it specifically targets the service accounts for each tier.
upvoted 0 times
Rebbecca
1 year ago
By following option B, you can establish the required TCP port 8080 communication between the tiers effectively.
upvoted 0 times
...
Boris
1 year ago
It's important to set up the rules correctly to allow the necessary communication while maintaining security measures.
upvoted 0 times
...
Beckie
1 year ago
Creating firewall rules based on the service accounts associated with each tier ensures a secure and controlled communication flow.
upvoted 0 times
...
Laticia
1 year ago
I agree, option B looks like the most appropriate choice for enabling communication between the tiers.
upvoted 0 times
...
...
Dan
1 year ago
Why do you think C is the correct answer?
upvoted 0 times
...
Tennie
1 year ago
I disagree, I believe the correct answer is C.
upvoted 0 times
...
Dan
1 year ago
I think the answer is B.
upvoted 0 times
...

Save Cancel