Exam Professional Cloud DevOps Engineer topic 1 question 101 discussion

Actual exam question from Google's Professional Cloud DevOps Engineer
Question #: 101
Topic #: 1

You are managing an application that runs in Compute Engine. The application uses a custom HTTP server to expose an API that is accessed by other applications through an internal TCP/UDP load balancer. A firewall rule allows access to the API port from 0.0.0.0/0. You need to configure Cloud Logging to log each IP address that accesses the API by using the fewest number of steps. What should you do first?

  • A. Enable Packet Mirroring on the VPC.
  • B. Install the Ops Agent on the Compute Engine instances.
  • C. Enable logging on the firewall rule.
  • D. Enable VPC Flow Logs on the subnet.
Suggested Answer: C 🗳️
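
Added example (not part of the original question or discussion): once logging is enabled on the firewall rule, each logged connection appears in the `compute.googleapis.com%2Ffirewall` log with the client address in `jsonPayload.connection.src_ip`. The Python below counts client IPs for the API port from exported entries and lists sources outside RFC 1918 space; the project name, port 8443, all addresses, the one-JSON-object-per-line layout and the expectation that clients of an internal load balancer are RFC 1918 addresses are assumptions made for this example.

```python
import ipaddress
import json
from collections import Counter

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: Cloud Logging entries exported one JSON object per line.
# Project name, port 8443 and every address are made up for this example.
FW = "projects/example-project/logs/compute.googleapis.com%2Ffirewall"
FLOW = "projects/example-project/logs/compute.googleapis.com%2Fvpc_flows"

def _entry(log_name, src_ip, dest_port, disposition=None):
    conn = {"src_ip": src_ip, "dest_ip": "10.128.0.2", "dest_port": dest_port, "protocol": 6}
    payload = {"connection": conn}
    if disposition:
        payload["disposition"] = disposition
    return json.dumps({"logName": log_name, "jsonPayload": payload})

SAMPLE_LINES = [
    _entry(FW, "10.128.0.7", 8443, "ALLOWED"),
    _entry(FW, "10.128.0.7", 8443, "ALLOWED"),
    _entry(FW, "10.128.0.9", 8443, "ALLOWED"),
    _entry(FW, "203.0.113.50", 8443, "ALLOWED"),
    _entry(FW, "10.128.0.9", 22, "DENIED"),      # other port, denied: ignored
    _entry(FLOW, "10.128.0.30", 8443),           # VPC Flow Logs entry: ignored
]

def api_clients(lines, api_port):
    """Count ALLOWED firewall-log connections to api_port per source IP."""
    counts = Counter()
    for line in lines:
        entry = json.loads(line)
        if not entry.get("logName", "").endswith("compute.googleapis.com%2Ffirewall"):
            continue
        payload = entry.get("jsonPayload", {})
        conn = payload.get("connection", {})
        if payload.get("disposition") != "ALLOWED":
            continue
        if int(conn.get("dest_port", -1)) == api_port and "src_ip" in conn:
            counts[conn["src_ip"]] += 1
    return counts

def non_rfc1918(counts):
    """Source IPs that are not in RFC 1918 private ranges."""
    return sorted(ip for ip in counts
                  if not any(ipaddress.ip_address(ip) in net for net in RFC1918))

if __name__ == "__main__":
    clients = api_clients(SAMPLE_LINES, 8443)
    print(dict(clients), non_rfc1918(clients))
```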

Comments

PrayasMohanty
Highly Voted 6 months, 3 weeks ago
Selected Answer: D
Option D uses the fewest number of steps.
upvoted 6 times
...
N_A
Most Recent 1 month ago
Selected Answer: C
Be careful. The question states "each IP address that accesses the API". VPC Flow Logs is sampling records: "VPC Flow Logs records a sample of network flows sent from and received by VM instances, including instances used as GKE nodes. These logs can be used for network monitoring, forensics, real-time security analysis, and expense optimization." Source: https://cloud.google.com/vpc/docs/using-flow-logs C is the correct answer.
upvoted 1 times
...
xhilmi
4 months, 3 weeks ago
Selected Answer: D
Choose option D. To configure Cloud Logging to log each IP address accessing the API with the fewest steps in a Compute Engine environment using an internal TCP/UDP load balancer, the first step would be to enable VPC Flow Logs on the subnet. That will allow you to capture network flow information, including source and destination IP addresses, as traffic passes through the load balancer. VPC Flow Logs provide detailed visibility into network activity without requiring modifications to individual instances or the installation of additional agents. Enabling VPC Flow Logs is a straightforward and efficient way to capture the necessary information for logging IP addresses accessing the API in a Compute Engine environment.
upvoted 3 times
...
ManishKS
7 months ago
D. Enable VPC Flow Logs on the subnet. This will capture the network traffic details you need for logging in Cloud Logging without requiring additional configurations on the instances or firewall rules.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted