New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Network Engineer Exam - Topic 2 Question 104 Discussion

Actual exam question for Google's Professional Cloud Network Engineer exam
Question #: 104
Topic #: 2
[All Professional Cloud Network Engineer Questions]

Your organization has a new security policy that requires you to monitor all egress traffic payloads from your virtual machines in the us-west2 region. You deployed an intrusion detection system (IDS) virtual appliance in the same region to meet the new policy. You now need to integrate the IDS into the environment to monitor all egress traffic payloads from us-west2. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: C

Packet Mirroring with an internal TCP/UDP load balancer allows for comprehensive monitoring of egress traffic, which includes payloads. This is required for integration with an IDS for detailed inspection of traffic payloads, meeting the security policy needs for monitoring and detection.


by Francene at Mar 20, 2025, 06:36 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Network Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Tanja
3 months ago
Really? I’m surprised they didn’t mention using a third-party IDS.
upvoted 0 times
...
Abel
3 months ago
I’m leaning towards C, but not sure if it’s the best fit.
upvoted 0 times
...
Lavonna
3 months ago
I think option B is the way to go for egress traffic.
upvoted 0 times
...
Jesusa
3 months ago
Definitely agree with that! Packet Mirroring is key here.
upvoted 0 times
...
Denna
3 months ago
Wait, why not just use option D? VPC Flow Logs seem easier.
upvoted 0 times
...
Pilar
4 months ago
I feel like enabling firewall logging might be too basic for this requirement; the IDS integration seems more complex than just forwarding logs.
upvoted 0 times
...
Kristel
4 months ago
I practiced a similar question where we had to use packet mirroring, but I can't recall if it was for egress or ingress traffic.
upvoted 0 times
...
Jerlene
4 months ago
I think enabling VPC Flow Logs could be a good option, but I’m not clear on how to set up the sink to send logs to the IDS.
upvoted 0 times
...
Nakita
4 months ago
I remember something about using load balancers for traffic monitoring, but I'm not sure if it should be HTTP(S) or TCP/UDP for this scenario.
upvoted 0 times
...
Rashad
4 months ago
Alright, time to put my networking skills to the test. Let me carefully consider each option and see which one is the most effective solution.
upvoted 0 times
...
Crista
5 months ago
I've got a good feeling about this one. I think option B is the way to go, but I'll double-check the details just to be sure.
upvoted 0 times
...
Carlota
5 months ago
Whoa, this is a tough one. I'm a bit confused by all the networking terms, but I'll give it my best shot.
upvoted 0 times
...
Carla
5 months ago
Okay, I think I've got a strategy here. Let me walk through the options and see which one makes the most sense.
upvoted 0 times
...
Tommy
5 months ago
Hmm, this seems like a tricky one. I'll need to carefully read through the options and think about the best approach.
upvoted 0 times
...
Deeanna
11 months ago
Packet Mirroring is the way to go, but I can't decide if I should use HTTP(S) or TCP/UDP. Maybe I should just flip a coin, or ask the IDS for its opinion.
upvoted 0 times
Major
9 months ago
Yeah, I agree. It's a reliable option for integrating the IDS to monitor egress traffic.
upvoted 0 times
...
Pearlene
9 months ago
B) Create an internal HTTP(S) load balancer for Packet Mirroring, and add a packet mirroring policy filter for egress traffic.
upvoted 0 times
...
Whitney
10 months ago
That sounds like a good plan. HTTP(S) load balancer should work well for monitoring egress traffic.
upvoted 0 times
...
Lorrie
10 months ago
B) Create an internal HTTP(S) load balancer for Packet Mirroring, and add a packet mirroring policy filter for egress traffic.
upvoted 0 times
...
...
Lilli
11 months ago
Option A? Seriously? Forwarding firewall logs to the IDS? That's so 2010, man. We're in the 21st century, let's use some modern tech like Packet Mirroring!
upvoted 0 times
Ardella
10 months ago
C) Create an internal TCP/UDP load balancer for Packet Mirroring, and add a packet mirroring policy filter for egress traffic.
upvoted 0 times
...
Lon
10 months ago
B) Create an internal HTTP(S) load balancer for Packet Mirroring, and add a packet mirroring policy filter for egress traffic.
upvoted 0 times
...
...
Curtis
11 months ago
I'm torn between B and C. Both of them involve using Packet Mirroring, but I'm not sure if I should go with HTTP(S) or TCP/UDP load balancer. Hmm, decisions, decisions.
upvoted 0 times
...
Bernardine
11 months ago
I'd go with Option D. Enabling VPC Flow Logs and creating a sink in Cloud Logging to send the filtered egress logs to the IDS seems like a neat and tidy solution.
upvoted 0 times
Garry
11 months ago
Definitely, Option D simplifies the process of integrating the IDS to monitor all egress traffic from us-west2.
upvoted 0 times
...
Cherri
11 months ago
I agree, Option D is the way to go. It provides a straightforward solution for monitoring egress traffic payloads.
upvoted 0 times
...
Staci
11 months ago
Option D sounds like the best choice. Enabling VPC Flow Logs and creating a sink in Cloud Logging seems efficient.
upvoted 0 times
...
...
Oliva
11 months ago
I agree with Erick, VPC Flow Logs are more comprehensive for monitoring egress traffic.
upvoted 0 times
...
Erick
12 months ago
I disagree, I believe option D is the best choice as it involves VPC Flow Logs.
upvoted 0 times
...
Ceola
12 months ago
I think we should go with option A and enable firewall logging.
upvoted 0 times
...
Leonida
12 months ago
Option B sounds like the way to go. Setting up an internal HTTP(S) load balancer for Packet Mirroring and adding a filter for egress traffic seems like the most straightforward approach.
upvoted 0 times
Naomi
11 months ago
I think I'll go ahead and implement that solution to integrate the IDS into the environment for monitoring egress traffic from us-west2.
upvoted 0 times
...
Bonita
11 months ago
I agree, it's a good way to ensure all egress traffic payloads are monitored as required by the new security policy.
upvoted 0 times
...
Gennie
11 months ago
Option B sounds like the way to go. Setting up an internal HTTP(S) load balancer for Packet Mirroring and adding a filter for egress traffic seems like the most straightforward approach.
upvoted 0 times
...
...

Save Cancel