Topic 1 Question 210
Your team is using Linux instances on Google Cloud. You need to ensure that your team logs in to these instances in the most secure and cost efficient way. What should you do?
Attach a public IP to the instances and allow incoming connections from the internet on port 22 for SSH.
Use the gcloud compute ssh command with the --tunnel-through-iap flag. Allow ingress traffic from the IP range 35.235.240.0/20 on port 22.
Use a third party tool to provide remote access to the instances.
Create a bastion host with public internet access. Create the SSH tunnel to the instance through the bastion host.
ユーザの投票
コメント(7)
- 正解だと思う選択肢: B
Common sense B is the correct answer , must safer from using the third party apps or the public id addresses
👍 5Captain12122023/09/09 Understood about IAP being a secure way to SSH but where did the "Allow ingress traffic from the IP range 35.235.240.0/20 on port 22." come from and how does that fit in? The question had no details about it and the IP range seemed to come out of nowhere.
👍 4juliorevk2023/08/03- 正解だと思う選択肢: B
You can use Bastion if
"You have a specific use case, like session recording, and you can't use IAP." https://cloud.google.com/compute/docs/connect/ssh-internal-ip👍 43arle2023/08/06
シャッフルモード