exam questions

Exam Associate Cloud Engineer All Questions

View all questions & answers for the Associate Cloud Engineer exam

Exam Associate Cloud Engineer topic 1 question 202 discussion

Actual exam question from Google's Associate Cloud Engineer
Question #: 202
Topic #: 1
[All Associate Cloud Engineer Questions]

You have an application that runs on Compute Engine VM instances in a custom Virtual Private Cloud (VPC). Your company’s security policies only allow the use of internal IP addresses on VM instances and do not let VM instances connect to the internet. You need to ensure that the application can access a file hosted in a Cloud Storage bucket within your project. What should you do?

  • A. Enable Private Service Access on the Cloud Storage Bucket.
  • B. Add storage.googleapis.com to the list of restricted services in a VPC Service Controls perimeter and add your project to the list of protected projects.
  • C. Enable Private Google Access on the subnet within the custom VPC.
  • D. Deploy a Cloud NAT instance and route the traffic to the dedicated IP address of the Cloud Storage bucket.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
juliorevk
Highly Voted 1 year, 4 months ago
Selected Answer: C
Private Google Access lets you connect VM instances to GCP services without external IP addresses and only internal. A is wrong because even though Private Services Access lets you also access GCP and other services through internal IPs, it also allows the VMs to have external IPs. https://cloud.google.com/vpc/docs/private-google-access
upvoted 5 times
...
Captain1212
Highly Voted 1 year, 2 months ago
Selected Answer: C
C is the correct Answer as Private Google Access allows you to the connect on the internal networks, A is incorrect becuause Cloud Storage bucket dont have such services to connect to Private Acesss`
upvoted 5 times
...
scanner2
Most Recent 1 year, 3 months ago
Selected Answer: C
Cloud Storage is not a supported service for Private Service Access. Hence, A cannot be the answer. https://cloud.google.com/vpc/docs/private-services-access#private-services-supported-services VM instances that only have internal IP addresses (no external IP addresses) can use Private Google Access. They can reach the external IP addresses of Google APIs and services. If you disable Private Google Access, the VM instances can no longer reach Google APIs and services; they can only send traffic within the VPC network. https://cloud.google.com/vpc/docs/private-google-access
upvoted 5 times
...
FJ82
1 year, 5 months ago
Selected Answer: C
Private Google Access is a VPC feature
upvoted 4 times
...
TomFoot
1 year, 5 months ago
Selected Answer: C
C allows access to Google services & API's
upvoted 1 times
...
georgesouzafarias
1 year, 5 months ago
Selected Answer: C
Right answer.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...