Exam Professional Cloud Security Engineer topic 1 question 128 discussion

Actual exam question from Google's Professional Cloud Security Engineer
Question #: 128
Topic #: 1

Users are reporting an outage on your public-facing application that is hosted on Compute Engine. You suspect that a recent change to your firewall rules is responsible. You need to test whether your firewall rules are working properly. What should you do?

  • A. Enable Firewall Rules Logging on the latest rules that were changed. Use Logs Explorer to analyze whether the rules are working correctly.
  • B. Connect to a bastion host in your VPC. Use a network traffic analyzer to determine at which point your requests are being blocked.
  • C. In a pre-production environment, disable all firewall rules individually to determine which one is blocking user traffic.
  • D. Enable VPC Flow Logs in your VPC. Use Logs Explorer to analyze whether the rules are working correctly.
Suggested Answer: A

Comments

mikesp
Highly Voted 1 year, 11 months ago
Selected Answer: A
https://cloud.google.com/vpc/docs/firewall-rules-logging
upvoted 8 times
...
ExamQnA
Highly Voted 1 year, 11 months ago
Ans:A https://cloud.google.com/vpc/docs/firewall-rules-logging
upvoted 6 times
...
Xoxoo
Most Recent 7 months, 1 week ago
Selected Answer: A
To test whether your firewall rules are working properly, you can enable Firewall Rules Logging on the latest rules that were changed and use Logs Explorer to analyze whether the rules are working correctly. Firewall Rules Logging lets you audit, verify, and analyze the effects of your firewall rules. It generates an entry called a connection record each time a firewall rule allows or denies traffic. You can view these records in Cloud Logging and export logs to any destination that Cloud Logging export supports. By enabling Firewall Rules Logging on the latest rules that were changed, you can determine if a firewall rule designed to deny traffic is functioning as intended. This will help you identify whether the recent change to your firewall rules is responsible for the reported outage. Therefore, option A is the correct answer.
upvoted 4 times
...
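Added example, not part of the original discussion: a way to triage exported Firewall Rules Logging connection records and see which rule is denying traffic to the application port. The log lines are constructed, the rule and network names are hypothetical, and the field names (`disposition`, `connection`, `rule_details.reference`) are assumed to follow the connection record format.

```python
import json
from collections import Counter, defaultdict

# Constructed sample: one JSON entry per line, shaped like the jsonPayload of
# Firewall Rules Logging connection records. Rule/network names are hypothetical.
def _entry(disposition, src_ip, dest_port, rule):
    return json.dumps({"jsonPayload": {
        "disposition": disposition,
        "connection": {"src_ip": src_ip, "dest_ip": "10.0.0.5",
                       "dest_port": dest_port, "protocol": 6},
        "rule_details": {"reference": f"network:prod-vpc/firewall:{rule}",
                         "direction": "INGRESS"}}})

SAMPLE_LOG = "\n".join([
    _entry("DENIED", "203.0.113.10", 443, "deny-ext-ingress"),
    _entry("DENIED", "198.51.100.7", 443, "deny-ext-ingress"),
    _entry("DENIED", "203.0.113.44", 443, "deny-ext-ingress"),
    _entry("ALLOWED", "10.0.1.9", 443, "allow-internal-https"),
    _entry("ALLOWED", "10.0.1.9", 22, "allow-internal-ssh"),
    _entry("DENIED", "198.51.100.7", 3389, "deny-ext-ingress"),
    json.dumps({"textPayload": "unrelated entry"}),  # not a connection record
])

def parse_records(text):
    """Return the jsonPayload of every connection record in the export."""
    records = []
    for line in filter(None, map(str.strip, text.splitlines())):
        payload = json.loads(line).get("jsonPayload", {})
        if "disposition" in payload and "connection" in payload:
            records.append(payload)
    return records

def dispositions_by_rule(records, dest_port):
    """Map rule reference -> Counter of ALLOWED/DENIED for one destination port."""
    table = defaultdict(Counter)
    for rec in records:
        if rec["connection"].get("dest_port") == dest_port:
            rule = rec.get("rule_details", {}).get("reference", "unknown")
            table[rule][rec["disposition"]] += 1
    return dict(table)

def blocking_rules(records, dest_port):
    """Rules that denied traffic to dest_port, most hits first."""
    table = dispositions_by_rule(records, dest_port)
    hits = {rule: c["DENIED"] for rule, c in table.items() if c["DENIED"]}
    return sorted(hits.items(), key=lambda kv: kv[1], reverse=True)

if __name__ == "__main__":
    for rule, n in blocking_rules(parse_records(SAMPLE_LOG), 443):
        print(f"{rule}: {n} denied connections to tcp/443")
```

Records appear only for rules that have logging enabled, so a rule missing from the output has not necessarily been ruled out.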
AzureDP900
1 year, 5 months ago
A is right
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other