Topic 1 Question 65
A customer has an analytics workload running on Compute Engine that should have limited internet access. Your team created an egress firewall rule to deny (priority 1000) all traffic to the internet. The Compute Engine instances now need to reach out to the public repository to get security updates. What should your team do?
Create an egress firewall rule to allow traffic to the CIDR range of the repository with a priority greater than 1000.
Create an egress firewall rule to allow traffic to the CIDR range of the repository with a priority less than 1000.
Create an egress firewall rule to allow traffic to the hostname of the repository with a priority greater than 1000.
Create an egress firewall rule to allow traffic to the hostname of the repository with a priority less than 1000.
ユーザの投票
コメント(16)
Answer is B. Lower number is higher priority and dest is only IP ranges in firewall rules
👍 23dtmtor2021/03/20I think I am confusing myself by overthinking the wording of this question. I know the answer is A or B since "using hostname is not one of the options in firewall egress rule destination" I also know that "The firewall rule priority is an integer from 0 to 65535, inclusive. Lower integers indicate higher priorities." I know that I could resolve this by setting TCP port 80 rule to a priority of 500 (smaller number, but higher priority) and be done. Where i'm second guessing myself, is Google referring to the integer or strictly priority? If integer then i'd choose B "priority less than 1000 (smaller number)", if priority then i'd choose A "priority greater than 1000" (still the lower number). Have I thoroughly confused this question? I"m leaning toward the answer being "A:
👍 5Rithac2021/06/17Answer-B
👍 4Raushanr2020/09/17
シャッフルモード