Google Professional Cloud Security Engineer Exam - Topic 1 Question 51 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam

Question #: 51
Topic #: 1

[All Professional Cloud Security Engineer Questions]

You need to set up two network segments: one with an untrusted subnet and the other with a trusted subnet. You want to configure a virtual appliance such as a next-generation firewall (NGFW) to inspect all traffic between the two network segments. How should you design the network to inspect the traffic?

A1. Set up one VPC with two subnets: one trusted and the other untrusted.
2. Configure a custom route for all traffic (0.0.0.0/0) pointed to the virtual appliance.

B1. Set up one VPC with two subnets: one trusted and the other untrusted.
2. Configure a custom route for all RFC1918 subnets pointed to the virtual appliance.

C1. Set up two VPC networks: one trusted and the other untrusted, and peer them together.
2. Configure a custom route on each network pointed to the virtual appliance.

D1. Set up two VPC networks: one trusted and the other untrusted.
2. Configure a virtual appliance using multiple network interfaces, with each interface connected to one of the VPC networks.

Show Suggested Answer

Suggested Answer: B

by Viola at Jul 29, 2022, 12:21 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Twana

4 months ago

Wait, can you really inspect all traffic like that? Sounds too good to be true!

upvoted 0 times

...

Louis

4 months ago

D is interesting, but multiple interfaces? Seems like a hassle.

upvoted 0 times

...

Nieves

4 months ago

C seems complicated, peering two VPCs? Not sure about that.

upvoted 0 times

...

German

4 months ago

I think B is better, only routing RFC1918 seems safer.

upvoted 0 times

...

Dana

4 months ago

Option A sounds solid, custom route for all traffic is key.

upvoted 0 times

...

Nell

5 months ago

I recall that peering two VPCs could complicate things, but it might be necessary for certain setups. I wonder if option C is the right choice here.

upvoted 0 times

...

Chaya

5 months ago

I think option D sounds familiar from our practice questions. Using multiple interfaces on the virtual appliance seems like a solid way to manage traffic between the two segments.

upvoted 0 times

...

Ernie

5 months ago

I remember discussing the importance of routing traffic through the virtual appliance, but I'm not sure if it's better to use one VPC or two separate ones.

upvoted 0 times

...

Mozell

5 months ago

I’m a bit confused about whether to use custom routes for all traffic or just specific subnets. I feel like I’ve seen both approaches in different scenarios.

upvoted 0 times

...

Rupert

5 months ago

Hmm, this seems like a tricky one. I'll need to think carefully about the differences between the Salesforce APIs and which one would be best for exporting a large dataset.

upvoted 0 times

...

Carissa

5 months ago

Okay, let's see here. The question is asking about the term used to describe a running service in the Services Management Console. I'm going to go with "Started" - that just seems like the most logical choice to me.

upvoted 0 times

...