Examtopics

Professional Cloud Network Engineer
  • Topic 1 Question 191

    You are implementing firewall controls to protect your computer resources in a newly created VPC. To make the protection process easier to manage and control, you've defined the hierarchical firewall policies, global network firewall policies, and VPC firewall rules. The configuration of rules defines the following characteristics:

    • The hierarchical firewall policy, bound at the organization level, is allowing/denying specific external traffic.

    • There is a global network firewall policy with rules that enforce intrusion prevention system (IPS) capabilities for specific external inbound/outbound traffic.

    • The VPC firewall rules allow internal communication from RFC 1918-defined subnets.

    • The VPC firewall contains an explicit deny rule with logs enabled.

    This configuration was successful in multiple preexisting VPCs. However, you noticed that the logs were missing when you were reviewing a newly created VPC. All external communications are hanging, but internal traffic is working as expected. You want to fix the connectivity issue.

    What should you do?

    • Create a new VPC and migrate existing resources to the new VPC. Delete the old VPC, and reapply the firewall policies and rules in the new VPC.

    • Raise the priority numbers of the firewall policy rules and lower the priority numbers of the VPC firewall rules.

    • Review the order in which the VPC firewall rules and policies are evaluated. If the VPC firewall rules are being evaluated before firewall policies, switch the order.

    • Lower the priority numbers of the firewall policy rules and raise the priority numbers of the VPC firewall rules.
