Google Professional Cloud Network Engineer Exam - Topic 1 Question 56 Discussion

Actual exam question for Google's Professional Cloud Network Engineer exam

Question #: 56
Topic #: 1

[All Professional Cloud Network Engineer Questions]

You need to restrict access to your Google Cloud load-balanced application so that only specific IP addresses can connect.

What should you do?

ACreate a secure perimeter using the Access Context Manager feature of VPC Service Controls and restrict access to the source IP range of the allowed clients and Google health check IP ranges.

BCreate a secure perimeter using VPC Service Controls, and mark the load balancer as a service restricted to the source IP range of the allowed clients and Google health check IP ranges.

CTag the backend instances 'application,' and create a firewall rule with target tag 'application' and the source IP range of the allowed clients and Google health check IP ranges.

DLabel the backend instances 'application,' and create a firewall rule with the target label 'application' and the source IP range of the allowed clients and Google health check IP ranges.

Show Suggested Answer

Suggested Answer: C

https://cloud.google.com/load-balancing/docs/https/setting-up-https#sendtraffic

by Hubert at Aug 22, 2022, 03:26 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Network Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Lilli

4 months ago

Wait, can you really restrict IPs like that? Sounds tricky!

upvoted 0 times

...

Annelle

4 months ago

D? Really? That seems overly complicated.

upvoted 0 times

...

Lorean

4 months ago

C sounds good, but isn't it a bit outdated?

upvoted 0 times

...

Brock

4 months ago

I think B makes more sense for load balancers.

upvoted 0 times

...

Aja

4 months ago

A is the way to go for secure access!

upvoted 0 times

...

Desire

5 months ago

I believe VPC Service Controls are more about data security than just IP restrictions, so I’m leaning towards options C or D for this question.

upvoted 0 times

...

Werner

5 months ago

I’m a bit confused about the difference between tagging and labeling instances. I think both options C and D could work, but I can't recall which one is more appropriate.

upvoted 0 times

...

Kimberely

5 months ago

I remember practicing a question similar to this, and I feel like using firewall rules is a more straightforward solution. Maybe option C or D?

upvoted 0 times

...

Yasuko

5 months ago

I think option A sounds familiar, but I'm not entirely sure if Access Context Manager is the right approach for just IP restrictions.

upvoted 0 times

...

Glenna

5 months ago

This seems like a tricky one. I'll need to think through the requirements carefully to determine the best network type.

upvoted 0 times

...

Mammie

5 months ago

Hmm, I'm a bit unsure about this one. The wording is a bit confusing, and I want to make sure I understand the requirements before selecting an answer.

upvoted 0 times

...

Jesusita

5 months ago

Okay, I've got this. The underlined text is incorrect - CREATE TABLE is used to create new tables, not remove them. The correct command for removing a table is DROP TABLE.

upvoted 0 times

...