ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Data Engineer All Questions

View all questions & answers for the Professional Data Engineer exam
Go to Exam

Exam Professional Data Engineer topic 1 question 307 discussion

Actual exam question from Google's Professional Data Engineer
Question #: 307
Topic #: 1
[All Professional Data Engineer Questions]

You need to connect multiple applications with dynamic public IP addresses to a Cloud SQL instance. You configured users with strong passwords and enforced the SSL connection to your Cloud SQL instance. You want to use Cloud SQL public IP and ensure that you have secured connections. What should you do?

  • A. Add CIDR 0.0.0.0/0 network to Authorized Network. Use Identity and Access Management (IAM) to add users.
  • B. Add all application networks to Authorized Network and regularly update them.
  • C. Leave the Authorized Network empty. Use Cloud SQL Auth proxy on all applications.
  • D. Add CIDR 0.0.0.0/0 network to Authorized Network. Use Cloud SQL Auth proxy on all applications.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by scaenruy at Jan. 4, 2024, 1:13 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
raaad
Highly Voted 9 months, 2 weeks ago
Selected Answer: C
- Using the Cloud SQL Auth proxy is a recommended method for secure connections, especially when dealing with dynamic IP addresses. - The Auth proxy provides secure access to your Cloud SQL instance without the need for Authorized Networks or managing IP addresses. - It works by encapsulating database traffic and forwarding it through a secure tunnel, using Google's IAM for authentication. - Leaving the Authorized Networks empty means you're not allowing any direct connections based on IP addresses, relying entirely on the Auth proxy for secure connectivity. This is a secure and flexible solution, especially for applications with dynamic IPs.
upvoted 10 times
FreshMind
1 month, 1 week ago
In question "You want to use Cloud SQL public IP", how this could be if "Leaving the Authorized Networks empty means you're not allowing any direct connections based on IP addresses" ?
upvoted 1 times
...
...
JyoGCP
Most Recent 8 months ago
Selected Answer: C
Option C
upvoted 1 times
...
Pukapuiz
9 months, 1 week ago
Selected Answer: C
The Cloud SQL Auth Proxy is a Cloud SQL connector that provides secure access to your instances without a need for Authorized networks or for configuring SSL. https://cloud.google.com/sql/docs/mysql/sql-proxy
upvoted 3 times
...
Matt_108
9 months, 2 weeks ago
Selected Answer: C
always use Cloud SQL Auth proxy if possible
upvoted 1 times
...
Sofiia98
9 months, 2 weeks ago
https://stackoverflow.com/questions/27759356/how-to-authorize-my-dynamic-ip-network-address-in-google-cloud-sql https://stackoverflow.com/questions/24749810/how-to-make-a-google-cloud-sql-instance-accessible-for-any-ip-address
upvoted 4 times
JyoGCP
8 months ago
Links also say not to go with option D. 0.0.0.0/0 which includes all possible IP Addresses is not recommended for security reasons. You have to keep access as restricted as possible.
upvoted 4 times
...
...
Sofiia98
9 months, 2 weeks ago
Selected Answer: D
As for me, after reading documentation, option D looks appropriate
upvoted 1 times
BennyXu
6 months, 2 weeks ago
Save your shxx answer in your dxxb head.
upvoted 1 times
...
...
scaenruy
9 months, 3 weeks ago
Selected Answer: C
C. Leave the Authorized Network empty. Use Cloud SQL Auth proxy on all applications.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago