Practice Test 2 | Google Cloud Certified Professional Cloud Security Engineer | Dumps | Mock Test
A GCP VPC has two subnets, subnet A and subnet B, with one Compute engine instance each. You have created two firewall rules with logging enabled.
- Rule 1 is an egress firewall rule to allow traffic from the instances in the network to subnet B on port 80.
- Rule 2 is an ingress firewall rule to allow traffic to all the instances in the network from subnet A on port 80.
The Compute Engine in subnet A attempts to connect to the Compute Engine in Subnet B.
Which of the following statements is TRUE? (Select TWO)
A. Traffic into VM B from VM A is allowed and a log entry for rule 2 is created.
B. Traffic into VM B from VM A is denied and a log entry for rule 2 is created.
C. Traffic from VM A to VM B is allowed and a log entry for rule 1 is created.
D. Traffic into VM A to VM B is denied and a log entry for rule 1 is created .
Correct Answers: A and C
- Option A is CORRECT. Traffic into VM B from VM A will be allowed, and logs for Rule 2 will be created.
- Option B is incorrect. Rule 2 is an allow rule.
- Option C is CORRECT. Traffic from VM A to VM B will be allowed, and logs for Rule 1 will be created.
- Option D is incorrect. Rule 1 is an allow rule.
Reference:
Comments are closed, but trackbacks and pingbacks are open.