Practice Test 2 | Google Cloud Certified Professional Cloud Network Engineer | Dumps | Mock Test
Your team has launched a number of GCE instances into a GCP VPC. The security team needs to be able to review the logs of the all traffic to and from instances in the network. Which of the following will provide the needed logs? Choose two.
A. Cloud Audit logs.
B. Load Balancer logs
C. Firewall logs.
D. VPC Flow logs.
Answer: C & D
Option A is incorrect because Cloud Audit logs gives visibility into user actions on GCP who did what, when and where.
Option B is incorrect because this provides information on the traffic to and from the load balancer
Option C is correct because this shows traffic (allowed or denied) that has matched a firewall rule
Option D is correct because this captures samples of the traffic flowing in and out of the subnet.
See https://cloud.google.com/vpc/docs/firewall-rules-logging for more on firewall logs
See https://cloud.google.com/vpc/docs/flow-logs for more on VPC flow logs
Comments are closed, but trackbacks and pingbacks are open.