PROFESSIONAL-CLOUD-NETWORK-ENGINEER Question #205: Real Exam Question with Answer & Explanation

Question

You are implementing firewall controls to protect your compute resources in a newly created VPC. To make the protection process easier to manage and control, you've defined the hierarchical firewall policies, global network firewall policies, and VPC firewall rules. The configuration of rules defines the following characteristics: - The hierarchical firewall policy, bound at the organization level, is allowing/denying specific external traffic. - There is a global network firewall policy with rules that enforce intrusion prevention system (IPS) capabilities for specific external inbound/outbound traffic. - The VPC firewall rules allow internal communication from RFC 1918 defined subnets communications. - The VPC firewall contains an explicit deny rule with logs enabled. This configuration was successful in multiple preexisting VPCs. However, you noticed that the logs were missing when you were reviewing a newly created VPC. All external communications are hanging, but internal traffic is working as expected. You want to fix the connectivity issue. What should you do?

Options

• ACreate a new VPC and migrate existing resources to the new VPC. Delete the old VPC, and
• BRaise the priority numbers of the firewall policy rules and lower the priority numbers of the VPC
• CReview the order in which the VPC firewall rules and policies are evaluated. If the VPC firewall
• DLower the priority numbers of the firewall policy rules and raise the priority numbers of the VPC