hiexam
google · Professional-Cloud-Network-Engineer · Q424 · multiple_choice · topic_1

You need to restrict access to your Google Cloud load-balanced application so that only specific IP addresses can conne…

You need to restrict access to your Google Cloud load-balanced application so that only specific IP addresses can connect. What should you do?
  • A.Create a secure perimeter using the Access Context Manager feature of VPC Service Controls and restrict access to the source IP range of the allowed clients and Google health check IP ranges.
  • B.Create a secure perimeter using VPC Service Controls, and mark the load balancer as a service restricted to the source IP range of the allowed clients and Google health check IP ranges.
  • C.Tag the backend instances "application," and create a firewall rule with target tag "application" and the source IP range of the allowed clients and Google health check IP ranges.
  • D.Label the backend instances "application," and create a firewall rule with the target label "application" and the source IP range of the allowed clients and Google health check IP ranges.
Explanation
Answer C. This question is actually asking specifically about using firewall with a Network LB, because Network Load Balancing is a pass-through load balancer, you control access to the load balancer's backends using Google Cloud firewall rules. https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#firewall_rules

Reference: examtopics_top_comment

Practice with progress tracking

Sign in to track wrong answers, get spaced-repetition reminders, and run timed exam mode.

Start tracked practicePricing