- Home
- Google Certified Professional - Cloud Architect (GCP)
- Google.Professional-Cloud-Architect.v2019-07-08.q76
- Question 4
Valid Professional-Cloud-Architect Dumps shared by ExamDiscuss.com for Helping Passing Professional-Cloud-Architect Exam! ExamDiscuss.com now offer the newest Professional-Cloud-Architect exam dumps, the ExamDiscuss.com Professional-Cloud-Architect exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com Professional-Cloud-Architect dumps with Test Engine here:
Access Professional-Cloud-Architect Dumps Premium Version
(282 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 4/76
All compute Engine instances in your VPC should be able to connect to an Active Directory server on
specific ports. Any other traffic emerging from your instances is not allowed. You want to enforce this using
VPC firewall rules.
How should you configure the firewall rules?
specific ports. Any other traffic emerging from your instances is not allowed. You want to enforce this using
VPC firewall rules.
How should you configure the firewall rules?
Correct Answer: B
- Question List (76q)
- 2 commentQuestion 1: Your web application uses Google Kubernetes Engine to manage...
- Question 2: JencoMart has decided to migrate user profile storage to Goo...
- Question 3: You have created several pre-emptible Linux virtual machine ...
- 5 commentQuestion 4: All compute Engine instances in your VPC should be able to c...
- 4 commentQuestion 5: As part of Dress4Win's plans to migrate to the cloud, they w...
- Question 6: For this question, refer to the Dress4Win case study. You ar...
- Question 7: A development manager is building a new application. He asks...
- Question 8: A few days after JencoMart migrates the user credentials dat...
- Question 9: JencoMart wants to move their User Profiles database to Goog...
- Question 10: TerramEarth's CTO wants to use the raw data from connected v...
- Question 11: Which of TerramEarth's legacy enterprise processes will expe...
- Question 12: TerramEarth's 20 million vehicles are scattered around the w...
- 1 commentQuestion 13: For this question, refer to the Mountkirk Games case study. ...
- Question 14: Mountkirk Games wants you to design their new testing strate...
- Question 15: Your company has successfully migrated to the cloud and want...
- Question 16: For this question, refer to the Mountkirk Games case study. ...
- 2 commentQuestion 17: For this question, refer to the TerramEarth case study. You ...
- 1 commentQuestion 18: Your customer runs a web service used by e-commerce sites to...
- 1 commentQuestion 19: The current Dress4win system architecture has high latency t...
- Question 20: JencoMart has built a version of their application on Google...
- Question 21: For this question, refer to the Mountkirk Games case study. ...
- Question 22: The JencoMart security team requires that all Google Cloud P...
- Question 23: Your company's test suite is a custom C++ application that r...
- Question 24: For this question, refer to the Mountkirk Games case study. ...
- 1 commentQuestion 25: TerramEarth plans to connect all 20 million vehicles in the ...
- Question 26: Dress4Win has configured a new uptime check with Google Stac...
- Question 27: You have an application that makes HTTP requests to Cloud St...
- Question 28: Your company is migrating its on-premises data center into t...
- Question 29: The Dress4Win security team has disabled external SSH access...
- Question 30: Your customer is moving their corporate applications to Goog...
- 1 commentQuestion 31: Your agricultural division is experimenting with fully auton...
- Question 32: Mountkirk Games' gaming servers are not automatically scalin...
- Question 33: You want to ensure Dress4Win's sales and tax records remain ...
- 1 commentQuestion 34: Your architecture calls for the centralized collection of al...
- Question 35: You want to establish a Compute Engine application in a sing...
- Question 36: TerramEarth has equipped all connected trucks with servers a...
- Question 37: Dress4Win has asked you for advice on how to migrate their o...
- Question 38: Dress4Win would like to become familiar with deploying appli...
- 1 commentQuestion 39: For this question, refer to the TerramEarth case study. Terr...
- 1 commentQuestion 40: You are migrating your on-premises solution to Google Cloud ...
- Question 41: To speed up data retrieval, more vehicles will be upgraded t...
- Question 42: Mountkirk Games wants to set up a real-time analytics platfo...
- Question 43: Operational parameters such as oil pressure are adjustable o...
- Question 44: You analyzed TerramEarth's business requirement to reduce do...
- Question 45: You need to reduce the number of unplanned rollbacks of erro...
- Question 46: Mountkirk Games needs to create a repeatable and configurabl...
- Question 47: You are working in a highly secured environment where public...
- Question 48: For this question, refer to the Mountkirk Games case study. ...
- Question 49: Your company creates rendering software which users can down...
- Question 50: You are using Cloud CDN to deliver static HTTP(S) website co...
- Question 51: As part of their new application experience, Dress4Wm allows...
- Question 52: For this question, refer to the TerramEarth case study. Cons...
- Question 53: For this question, refer to the Mountkirk Games case study. ...
- Question 54: You are running a cluster on Kubernetes Engine to serve a we...
- Question 55: You are tasked with building an online analytical processing...
- Question 56: For this question, refer to the Dress4Win case study. Consid...
- Question 57: You have an App Engine application that needs to be updated....
- Question 58: The database administration team has asked you to help them ...
- Question 59: At Dress4Win, an operations engineer wants to create a tow-c...
- Question 60: Your development team has created a structured API to retrie...
- Question 61: For this question, refer to the Dress4Win case study. Which ...
- Question 62: (Exhibit) The migration of JencoMart's application to Google...
- Question 63: The TerramEarth development team wants to create an API to m...
- Question 64: Mountkirk Games has deployed their new backend on Google Clo...
- Question 65: For this question, refer to the Dress4Win case study. Dress4...
- Question 66: Mountkirk Games wants to set up a continuous delivery pipeli...
- Question 67: For this question, refer to the TerramEarth case study. To b...
- Question 68: For this question, refer to the Dress4Win case study. To be ...
- Question 69: Your company operates nationally and plans to use GCP for mu...
- Question 70: For this question, refer to the Dress4Win case study. You wa...
- Question 71: For this question, refer to the Mountkirk Games case study. ...
- Question 72: Dress4Win has end-to-end tests covering 100% of their endpoi...
- Question 73: For this question, refer to the TerramEarth case study. A ne...
- Question 74: You need to set up Microsoft SQL Server on GCP. Management r...
- Question 75: For this question, refer to the TerramEarth case study. You ...
- Question 76: Dress4Win has asked you to recommend machine types they shou...
[×]
Download PDF File
Enter your email address to download Google.Professional-Cloud-Architect.v2019-07-08.q76.pdf
Recent Comments (The most recent comments are at the top.)
Answer should be A as per https://cloud.google.com/vpc/docs/firewalls#priority_order_for_firewall_rules
"Lower integers indicate higher priorities" - hence, a rule with 100 will be matched before a rule with 1000. Therefore, AD rule should be 100, deny rule 1000.
Answer C is wrong
https://cloud.google.com/vpc/docs/firewalls#default_firewall_rules
Implied rules
Every VPC network has two implied firewall rules. These rules exist, but are not shown in the Cloud Console:
Implied allow egress rule. An egress rule whose action is allow, destination is 0.0.0.0/0, and priority is the lowest possible (65535) lets any instance send traffic to any destination, except for traffic blocked by Google Cloud. A higher priority firewall rule may restrict outbound access. Internet access is allowed if no other firewall rules deny outbound traffic and if the instance has an external IP address or uses a Cloud NAT instance. For more information, see Internet access requirements.
Implied deny ingress rule. An ingress rule whose action is deny, source is 0.0.0.0/0, and priority is the lowest possible (65535) protects all instances by blocking incoming traffic to them. A higher priority rule might allow incoming access. The default network includes some additional rules that override this one, allowing certain types of incoming traffic
The answer should be A.Please clarify if its B
An egress rule with priority 1000 is applicable to VM 2. This rule denies all outgoing traffic to all destinations (0.0.0.0/0). Outgoing traffic to other instances in the VPC is blocked, regardless of the ingress rules applied to the other instances. Even though VM 2 has an external IP address, this firewall rule blocks its outgoing traffic to external hosts on the Internet.
The answer should be A.Please clarify if its B
An egress rule with priority 1000 is applicable to VM 2. This rule denies all outgoing traffic to all destinations (0.0.0.0/0). Outgoing traffic to other instances in the VPC is blocked, regardless of the ingress rules applied to the other instances. Even though VM 2 has an external IP address, this firewall rule blocks its outgoing traffic to external hosts on the Internet.
The answer of this question should be A , as per me, x
Create an egress rule with priority 1000 to deny all traffic for all instances. Create another egress rule
with priority 100 to allow the Active Directory traffic for all instances.
however correct answer shows as B, could you please help me to understand how?