Your team needs to make sure that a Compute Engine instance does not have access to the internet or to any Google APIs or services. Which two settings must remain disabled to meet these requirements? (Choose two.)
B & C is the right answer.
Disabling the public IP can still route the traffic via NAT gateway if its configured in the VPC
VPC + NAT (Converts private IP to public ip) -> Internet and vise versa..
Whereas Disabling the IP forwarding will not route any traffic or doesn't act as a gatewy for any communication.
Private google access is enabled at Subnet level not at VM level. I am unsure why its not subnet. If you disable the route to internet- you cannot reach internet.
Correct Answer is AC
Option A : because per GCP documentation, “Prevent internet access to instances by setting them up with only a private IP address” meaning no public IPs.
Option C: because VM instances that only have internal IP addresses (no external IP addresses) can use Private Google Access. They can reach the external IP addresses of Google APIs and services.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
KILLMAD
Highly Voted 5 years, 1 month agorafaelc
5 years, 1 month agoZol
Highly Voted 5 years, 1 month agoCrypt0man27
Most Recent 8 months agoPleeO
1 year agoelad17
2 years agoTanu1912
2 years, 3 months agomj5677
2 years, 4 months agoDevXr
2 years, 4 months agoDevXr
2 years, 4 months agoMathDayMan
2 years, 6 months agoMeyucho
2 years, 7 months agoGCP72
2 years, 8 months agomynk29
3 years, 2 months ago_01_
3 years, 4 months agomistryminded
3 years, 5 months agoa_vi
3 years, 5 months agojayk22
3 years, 6 months ago