Topic 1 Question 101
You are managing an application that runs in Compute Engine. The application uses a custom HTTP server to expose an API that is accessed by other applications through an internal TCP/UDP load balancer. A firewall rule allows access to the API port from 0.0.0.0/0. You need to configure Cloud Logging to log each IP address that accesses the API by using the fewest number of steps. What should you do first?
Enable Packet Mirroring on the VPC.
Install the Ops Agent on the Compute Engine instances.
Enable logging on the firewall rule.
Enable VPC Flow Logs on the subnet.
ユーザの投票
コメント(3)
- 正解だと思う選択肢: D
Option D uses fewest number of steps.
👍 4PrayasMohanty2023/10/10 D. Enable VPC Flow Logs on the subnet.
This will capture the network traffic details you need for logging in Cloud Logging without requiring additional configurations on the instances or firewall rules.
👍 1ManishKS2023/10/01- 正解だと思う選択肢: D
Choose option D.
To configure Cloud Logging to log each IP address accessing the API with the fewest steps in a Compute Engine environment using an internal TCP/UDP load balancer, the first step would be to enable VPC Flow Logs on the subnet. That will allows you to capture network flow information, including source and destination IP addresses, as traffic passes through the load balancer.
VPC Flow Logs provide detailed visibility into network activity without requiring modifications to individual instances or the installation of additional agents. Enabling VPC Flow Logs is a straightforward and efficient way to capture the necessary information for logging IP addresses accessing the API in a Compute Engine environment.
👍 1xhilmi2023/12/05
シャッフルモード