Exam Professional Cloud Architect topic 1 question 115 discussion

Should be A. For all Google Cloud services secured with VPC Service Controls, you can ensure that: Resources within a perimeter are accessed only from clients within authorized VPC networks using Private Google Access with either Google Cloud or on-premises. https://cloud.google.com/vpc-service-controls/docs/overview

IMHO c is wrong - the question is not to restrict access only for business hours but to restrict access to office network. In my opinion the only realistic approach seems to be a) https://cloud.google.com/vpc-service-controls/docs/supported-products#table_storage

In this case a VPC Service Controls , is more appropriated.

It's obviously A. C mentions office hours which has nothing to do with the question!

A is correct answer. Examtopics should change so-called "Correct Answer" from C to A to stop confusin users.

I'm preparing for a test and see that questions from 115 onwards are considered valid. Can anyone who's taken the test offer any insights or advice? Thank you!

A is the correct answer. The question is specific to accessing the data outside of the office network. If the question talked about outside of work business hours then, we can consider C

How can be possible that Examtopics say that the correct answer is C?! It doesn't make any sense! A is the correct one.

A is correct answer

https://cloud.google.com/vpc-service-controls/docs/overview

A is correct because, For all Google Cloud services secured with VPC Service Controls, you can ensure that resources within a perimeter are accessed only from clients within authorized VPC networks using Private Google Access with either Google Cloud or on-premises.

A is the correct answer, https://cloud.google.com/vpc-service-controls/docs/overview#isolate * A VM within a Virtual Private Cloud (VPC) network that is part of a service perimeter can read from or write to a Cloud Storage bucket in the same perimeter. However, VPC Service Controls doesn't allow VMs within VPC networks that are outside the perimeter to access Cloud Storage buckets that are inside the perimeter. * A copy operation between two Cloud Storage buckets succeeds if both buckets are in the same service perimeter, but if one of the buckets is outside the perimeter, the copy operation fails. * VPC Service Controls doesn't allow a VM within a VPC network that is inside a service perimeter to access Cloud Storage buckets that are outside the perimeter.

answer C will not prevent connection from outside of office network

For all Google Cloud services secured with VPC Service Controls, you can ensure that: Resources within a perimeter are accessed only from clients within authorized VPC networks using Private Google Access with either Google Cloud or on-premises. https://cloud.google.com/vpc-service-controls/docs/overview

A is ok

A. Best option B. Not all instances need this restriction C. You are not restricting remote access. The users can still access remotely using their credentials during the business day. The ask is to restrict data retrieval from outside the office network (what if they are working from home...?) D. VPN - too much overhead

A. Best option B. Not all instances need this restriction C. You are not restricting remote access. The users can still access remotely using their credentials during the business day. The ask is to restrict data retrieval from outside the office network (what if they are working from home...?) D. VPN - too much overhead