Topic 1 Question 193
You are configuring the cloud network architecture for a newly created project in Google Cloud that will host applications in Compute Engine. Compute Engine virtual machine instances will be created in two different subnets (sub-a and sub-b) within a single region: • Instances in sub-a will have public IP addresses. • Instances in sub-b will have only private IP addresses.
To download updated packages, instances must connect to a public repository outside the boundaries of Google Cloud. You need to allow sub-b to access the external repository. What should you do?
Enable Private Google Access on sub-b.
Configure Cloud NAT and select sub-b in the NAT mapping section.
Configure a bastion host instance in sub-a to connect to instances in sub-b.
Enable Identity-Aware Proxy for TCP forwarding for instances in sub-b.
ユーザの投票
コメント(6)
- 正解だと思う選択肢: B
IMHO
A -> It doesn't make sense, Public Google Access allows you to access Google APIs without an external IP, which doesnt solve the problem C -> Bastion host is for the opposite purpose; accessing a machine administratively from the outside without an external IP, not a machine without an external IP accessing the outside. D -> It doesn't make sense. B -> It's the recommended solution for GCP
👍 3cchiaramelli2023/10/29 - 正解だと思う選択肢: B
Cloud NAT allows the resources in a private subnet to access the internet—for updates, patching, config management, and more—in a controlled and efficient manner.
👍 2dsyouness2023/09/27 Correct answer is B you will need NAT to access repositories hosted on the public internet
👍 1Murtuza2023/09/24
シャッフルモード