PROFESSIONAL-CLOUD-SECURITY-ENGINEER · Question #21
PROFESSIONAL-CLOUD-SECURITY-ENGINEER Question #21: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to reveal the answer and full explanation for question #21. The question stem and answer options stay visible for context.
Question
You have an application where the frontend is deployed on a managed instance group in subnet A and the data layer is stored on a mysql Compute Engine virtual machine (VM) in subnet B on the same VPC. Subnet A and Subnet B hold several other Compute Engine VMs. You only want to allow thee application frontend to access the data in the application's mysql instance on port 3306. What should you do?
Options
- AConfigure an ingress firewall rule that allows communication from the src IP range of subnet A to
- BConfigure an ingress firewall rule that allows communication from the frontend's unique service
- CConfigure a network tag "fe-tag" to be applied to all instances in subnet A and a network tag
- DConfigure a network tag "fe-tag" to be applied to all instances in subnet A and a network tag
Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-CLOUD-SECURITY-ENGINEER questions. Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.