Topic 1 Question 72
Your web application has several VM instances running within a VPC. You want to restrict communications between instances to only the paths and ports you authorize, but you don't want to rely on static IP addresses or subnets because the app can autoscale. How should you restrict communications?
A. Use separate VPCs to restrict traffic
B. Use firewall rules based on network tags attached to the compute instances
C. Use Cloud DNS and only allow connections from authorized hostnames
D. Use service accounts and configure the web application to authorize particular service accounts to have access
Comments (17)
Agree B
👍 24 AWS56 2020/01/12
Answer is B
👍 4 MamthaSJ 2021/07/08
B. Use firewall rules based on network tags attached to the compute instances
To restrict communications between VM instances within a VPC without relying on static IP addresses or subnets, you can use firewall rules based on network tags attached to the compute instances. This will allow you to specify which instances are allowed to communicate with each other and on which paths and ports. You can then attach the relevant network tags to the compute instances when they are created, allowing you to control communication between the instances without relying on static IP addresses or subnets.
👍 4 omermahgoub 2022/12/21
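The tag-based approach discussed in the comments, as an added example that is not part of the original page or any commenter's post: instance templates carry a network tag, and ingress rules pair a source tag with a target tag and port. The network name `app-vpc`, the tags `web`, `api` and `db`, and the ports are assumptions chosen for illustration.

```shell
#!/usr/bin/env bash
# Added example: tag-based firewall rules for an autoscaled three-tier app.
# Assumed names (not from the page): network "app-vpc"; tags web, api, db;
# ports 8080 and 5432.
# Set GCLOUD="echo gcloud" to print the commands instead of running them.
GCLOUD="${GCLOUD:-gcloud}"

create_tier_template() {
  # $1 tier tag, $2 network
  # VMs that a managed instance group creates from this template inherit the
  # tag, so autoscaled instances match the rules with no IP bookkeeping.
  # (For a custom-mode VPC, also pass --subnet and --region.)
  $GCLOUD compute instance-templates create "$1-template" \
    --network="$2" --tags="$1"
}

allow_between_tags() {
  # $1 network, $2 source tag, $3 target tag, $4 protocol:port
  # Ingress is matched on the sender's tag and the receiver's tag only.
  $GCLOUD compute firewall-rules create "allow-$2-to-$3" \
    --network="$1" --direction=INGRESS --action=ALLOW \
    --rules="$4" --source-tags="$2" --target-tags="$3" --priority=1000
}

apply_policy() {
  network="$1"
  create_tier_template web "$network"
  create_tier_template api "$network"
  create_tier_template db  "$network"
  # Only these two paths are opened; everything else falls through to the
  # VPC's implied deny-ingress rule. On the "default" network, remove the
  # pre-populated default-allow-internal rule first or it will override this.
  allow_between_tags "$network" web api tcp:8080
  allow_between_tags "$network" api db  tcp:5432
}

# Run only when asked, e.g.:  ./tag-rules.sh apply app-vpc
if [ "${1:-}" = "apply" ]; then
  apply_policy "${2:-app-vpc}"
fi
```

Running with `GCLOUD="echo gcloud"` and then `gcloud compute firewall-rules list --filter="network:app-vpc"` after a real run are two ways to review what the policy opens.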