Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Exam Professional Cloud Network Engineer Topic 2 Question 104 Discussion

Actual exam question for Google's Professional Cloud Network Engineer exam
Question #: 104
Topic #: 2
[All Professional Cloud Network Engineer Questions]

Your organization has a new security policy that requires you to monitor all egress traffic payloads from your virtual machines in the us-west2 region. You deployed an intrusion detection system (IDS) virtual appliance in the same region to meet the new policy. You now need to integrate the IDS into the environment to monitor all egress traffic payloads from us-west2. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: C

Packet Mirroring with an internal TCP/UDP load balancer allows for comprehensive monitoring of egress traffic, which includes payloads. This is required for integration with an IDS for detailed inspection of traffic payloads, meeting the security policy needs for monitoring and detection.


by Francene at Mar 20, 2025, 06:36 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Network Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Deeanna
1 months ago
Packet Mirroring is the way to go, but I can't decide if I should use HTTP(S) or TCP/UDP. Maybe I should just flip a coin, or ask the IDS for its opinion.
upvoted 0 times
Whitney
22 days ago
That sounds like a good plan. HTTP(S) load balancer should work well for monitoring egress traffic.
upvoted 0 times
...
Lorrie
26 days ago
B) Create an internal HTTP(S) load balancer for Packet Mirroring, and add a packet mirroring policy filter for egress traffic.
upvoted 0 times
...
...
Lilli
1 months ago
Option A? Seriously? Forwarding firewall logs to the IDS? That's so 2010, man. We're in the 21st century, let's use some modern tech like Packet Mirroring!
upvoted 0 times
Ardella
22 days ago
C) Create an internal TCP/UDP load balancer for Packet Mirroring, and add a packet mirroring policy filter for egress traffic.
upvoted 0 times
...
Lon
1 months ago
B) Create an internal HTTP(S) load balancer for Packet Mirroring, and add a packet mirroring policy filter for egress traffic.
upvoted 0 times
...
...
Curtis
2 months ago
I'm torn between B and C. Both of them involve using Packet Mirroring, but I'm not sure if I should go with HTTP(S) or TCP/UDP load balancer. Hmm, decisions, decisions.
upvoted 0 times
...
Bernardine
2 months ago
I'd go with Option D. Enabling VPC Flow Logs and creating a sink in Cloud Logging to send the filtered egress logs to the IDS seems like a neat and tidy solution.
upvoted 0 times
Garry
1 months ago
Definitely, Option D simplifies the process of integrating the IDS to monitor all egress traffic from us-west2.
upvoted 0 times
...
Cherri
2 months ago
I agree, Option D is the way to go. It provides a straightforward solution for monitoring egress traffic payloads.
upvoted 0 times
...
Staci
2 months ago
Option D sounds like the best choice. Enabling VPC Flow Logs and creating a sink in Cloud Logging seems efficient.
upvoted 0 times
...
...
Oliva
2 months ago
I agree with Erick, VPC Flow Logs are more comprehensive for monitoring egress traffic.
upvoted 0 times
...
Erick
2 months ago
I disagree, I believe option D is the best choice as it involves VPC Flow Logs.
upvoted 0 times
...
Ceola
2 months ago
I think we should go with option A and enable firewall logging.
upvoted 0 times
...
Leonida
2 months ago
Option B sounds like the way to go. Setting up an internal HTTP(S) load balancer for Packet Mirroring and adding a filter for egress traffic seems like the most straightforward approach.
upvoted 0 times
Naomi
2 months ago
I think I'll go ahead and implement that solution to integrate the IDS into the environment for monitoring egress traffic from us-west2.
upvoted 0 times
...
Bonita
2 months ago
I agree, it's a good way to ensure all egress traffic payloads are monitored as required by the new security policy.
upvoted 0 times
...
Gennie
2 months ago
Option B sounds like the way to go. Setting up an internal HTTP(S) load balancer for Packet Mirroring and adding a filter for egress traffic seems like the most straightforward approach.
upvoted 0 times
...
...

Save Cancel