PROFESSIONAL-CLOUD-NETWORK-ENGINEER · Question #196
PROFESSIONAL-CLOUD-NETWORK-ENGINEER Question #196: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-CLOUD-NETWORK-ENGINEER to reveal the answer and full explanation for question #196. The question stem and answer options stay visible for context.
Question
You have several VMs across multiple VPCs in your cloud environment, which require access to internet endpoints. These VMs cannot have public IP addresses due to security policies, so you plan to use Cloud NAT to provide outbound internet access. Within your VPCs, you have several subnets in each region. You want to ensure that only specific subnets have access to the internet through Cloud NAT. You want to avoid any unintentional configuration issues caused by other administrators, and align to Google-recommended practices. What should you do?
Options
- ACreate a firewall rule in each VPC at priority 500 that targets all instances in the network and
- BCreate a constraints/compute.restrictCloudNATUsage organizational policy constraint. Attach the
- CCreate a firewall rule in each VPC at priority 500 that targets all instances in the network and
- DDeploy Cloud NAT in each VPC, and configure a custom source range that includes the allowed
Unlock PROFESSIONAL-CLOUD-NETWORK-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-CLOUD-NETWORK-ENGINEER questions. Unlock PROFESSIONAL-CLOUD-NETWORK-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.