
Practice Test 4 | Google Cloud Certified Professional Cloud Network Engineer | Dumps | Mock Test


Your custom VPC network has four GCE instances and two firewall rules with the configuration shown below.

  1. VM1 has an external IP and network tag = allow-inbound.
  2. VM2 has an external IP
  3. VM3 has no external IP and a network tag = server
  4. VM4 has no external IP and a network tag = client
Firewall Rule1
direction: ingress
action: allow
protocols: TCP
source ranges:
target tags: allow-inbound
priority: 1000

Firewall Rule2
direction: ingress
action: allow
protocols: TCP
source tags: client
target tags: server
priority: 1000

Which of the options below is not true?

A. VM2 can communicate with VM1
B. VM4 is able to communicate with VM1
C. VM1 is reachable on the internet
D. VM2 is unable to communicate with other VMs in the network and is unreachable from the internet

Answer: D

Option A is correct: VM2 is able to communicate with VM1. Because VM 1 has an external IP, Rule1 also permits incoming TCP traffic from external hosts on the internet and from VM 2 via external IP addresses.

Option B: VM4 is able to communicate with VM1: Yes, VM4 can communicate with VM1.

Option C: VM1 is reachable on the internet: It’s correct.

Option D: VM2 is unable to communicate with other VMs in the network and is unreachable from the internet

VM2 can communicate with VM1, so Option D is a false statement.

  • An ingress rule with priority 1000 is applicable to VM 1. This rule allows incoming TCP traffic from any source ( TCP traffic from other instances in the VPC network is allowed, subject to applicable egress rules for those other instances. VM 4 is able to communicate with VM 1 over TCP because VM 4 has no egress rule blocking such communication (only the implied allow egress rule is applicable). Because VM 1 has an external IP, this rule also permits incoming TCP traffic from external hosts on the internet and from VM 2 via external IP addresses.
  • VM 2 has no specified ingress firewall rule, so the implied deny ingress rule blocks all incoming traffic. Connections from other instances in the network are blocked, regardless of egress rules for the other instances. Because VM 2 has an external IP, there is a path to it from external hosts on the internet, but the implied deny ingress rule blocks external incoming traffic as well.
  • An ingress rule with priority 1000 is applicable to VM 3. This rule allows TCP traffic from instances in the network with the network tag client, such as VM 4. TCP traffic from VM 4 to VM 3 is allowed because VM 4 has no egress rule blocking such communication (only the implied allow egress rule is applicable). Because VM 3 does not have an external IP, there is no path to it from external hosts on the internet.
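The evaluation described in the three bullets above can be checked with a small model. This is an added example, not part of the original question or of any Google tooling; the class and function names are hypothetical, and Rule1's blank source range is modelled as "any source", as the explanation states.

```python
# Added example: toy model of the ingress evaluation for this question's VPC.
# Only TCP is modelled; both rules are "allow" at priority 1000, so order is irrelevant.
from dataclasses import dataclass

@dataclass(frozen=True)
class VM:
    name: str
    external_ip: bool
    tags: frozenset = frozenset()

@dataclass(frozen=True)
class IngressAllow:
    target_tags: frozenset
    source_tags: frozenset = frozenset()  # matches only VMs in the VPC carrying the tag
    any_source: bool = False              # assumption: Rule1's blank source range = any source

VMS = {
    "VM1": VM("VM1", True, frozenset({"allow-inbound"})),
    "VM2": VM("VM2", True),
    "VM3": VM("VM3", False, frozenset({"server"})),
    "VM4": VM("VM4", False, frozenset({"client"})),
}
RULES = [
    IngressAllow(target_tags=frozenset({"allow-inbound"}), any_source=True),             # Rule1
    IngressAllow(target_tags=frozenset({"server"}), source_tags=frozenset({"client"})),  # Rule2
]

def ingress_allowed(dst, src=None):
    """src is a VM in the same VPC, or None for a host on the internet."""
    if src is None and not dst.external_ip:
        return False                      # no path from the internet without an external IP
    for rule in RULES:
        if not (rule.target_tags & dst.tags):
            continue                      # rule does not target this VM
        if rule.any_source:
            return True
        if src is not None and (rule.source_tags & src.tags):
            return True
    return False                          # implied deny ingress

def reachability():
    """Map (source, destination) -> bool; egress is the implied allow everywhere."""
    sources = [None] + list(VMS.values())
    return {
        (s.name if s else "internet", d.name): ingress_allowed(d, s)
        for d in VMS.values() for s in sources if s is not d
    }

if __name__ == "__main__":
    for (s, d), ok in sorted(reachability().items()):
        print(f"{s:>8} -> {d}: {'allow' if ok else 'deny'}")
```

The matrix shows why VM 2 can initiate TCP connections to VM 1 while nothing, inside the VPC or outside it, can open a connection to VM 2.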

