Topic 1 Question 236
Your organization, TerramEarth, is launching a global application to manage credit card payments. There are some client VMs inside the same VPC as the application that need to access this application privately. Due to compliance requirements, the internal clients cannot use the global external IP address of the application. Currently, Cloud DNS only resolves myglobalapp.terramearth.com to the public IP address with a public zone. The clients will need to reach myglobalapp.example.com, without using its external IP address. You need to configure Cloud DNS to follow this requirement while following Google-recommended practices. What should you do?
Create a sub-domain named internal.terramearth.com. Add the new DNS entry (myglobalapp.internal.terramearth.com) to the sub-domain pointing to the internal IP address from the application VM.
Configure a query logic script inside Cloud DNS to check the source IP address from the VPC, and respond with a modified DNS record to include the internal IP address from the application VM.
Configure a private zone for the application record (myglobalapp.terramearth.com) and point to the internal IP address of the application VM. Bind this zone to the VPC.
Promote the ephemeral IP address from the application VM to static, add this static ip address to each internal client's host file, and change the myglobalapp.terramearth.com DNS record to this new static IP address.
ユーザの投票
コメント(1)
- 正解だと思う選択肢: C
Agree, C is correct
👍 109bd94b2025/02/24
シャッフルモード