Topic 1 Question 143
Your organization hosts a financial services application running on Compute Engine instances for a third-party company. The third-party company's servers that will consume the application also run on Compute Engine in a separate Google Cloud organization. You need to configure a secure network connection between the Compute Engine instances. You have the following requirements:
✑ The network connection must be encrypted.
✑ The communication between servers must be over private IP addresses.
What should you do?
A. Configure a Cloud VPN connection between your organization's VPC network and the third party's that is controlled by VPC firewall rules.
B. Configure a VPC peering connection between your organization's VPC network and the third party's that is controlled by VPC firewall rules.
C. Configure a VPC Service Controls perimeter around your Compute Engine instances, and provide access to the third party via an access level.
D. Configure an Apigee proxy that exposes your Compute Engine-hosted application as an API, and is encrypted with TLS which allows access only to the third party.
Comments (13)
- Selected answer: B
Google encrypts and authenticates data in transit at one or more network layers when data moves outside physical boundaries not controlled by Google or on behalf of Google. All VM-to-VM traffic within a VPC network and peered VPC networks is encrypted. https://cloud.google.com/docs/security/encryption-in-transit#cio-level_summary
👍 4 GHOST1985 2022/09/22
A and B are correct. Cloud VPN is encrypted; VPC Peering might be unencrypted, but this doc says it's encrypted. https://cloud.google.com/docs/security/encryption-in-transit#virtual_machine_to_virtual_machine
👍 3 soltium 2022/10/12
- Selected answer: B
B
VPC Network Peering gives you several advantages over using external IP addresses or VPNs to connect networks
👍 2 Littleivy 2022/11/12