You want to set up a secure, internal network within Google Cloud for database servers. The servers must not have any direct communication with the public internet. What should you do?
A.
Assign a private IP address to each database server. Use a NAT gateway to provide internet connectivity to the database servers.
B.
Assign a static public IP address to each database server. Use firewall rules to restrict external access.
C.
Create a VPC with a private subnet. Assign a private IP address to each database server.
D.
Assign both a private IP address and a public IP address to each database server.
If the question wanted you to allow INDIRECT access (like NAT), it should have been clearer about that. Instead, it's leaving room for pointless debate.
In real-world best practices, databases should be in a private subnet with zero internet exposure unless absolutely required (e.g., for updates via a controlled egress path).
So yeah, the question is badly worded, and people arguing for NAT are just nitpicking "direct" instead of focusing on security principles!!! SO ANSWER "C" MY DEARS!
I think A because it says
"The servers must not have any direct communication with the public internet."
Not direct bur suggest can be indirect access to internet
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
snti9999
1 week agoYourFriendlyNeighborhoodSpider
1 month, 1 week agodlenehan
3 months, 3 weeks agoZek
4 months, 2 weeks agodv1
6 months agoYourFriendlyNeighborhoodSpider
1 month, 1 week agoMoAk
5 months agoJohnDohertyDoe
3 months, 3 weeks agoabdelrahman89
6 months, 1 week agoYourFriendlyNeighborhoodSpider
1 month, 1 week ago