Exam Professional Cloud Network Engineer topic 1 question 146 discussion

Actual exam question from Google's Professional Cloud Network Engineer
Question #: 146
Topic #: 1

You suspect that one of the virtual machines (VMs) in your default Virtual Private Cloud (VPC) is under a denial-of-service attack. You need to analyze the incoming traffic for the VM to understand where the traffic is coming from. What should you do?

  • A. Enable Data Access audit logs of the VPC. Analyze the logs and get the source IP addresses from the subnetworks.get field.
  • B. Enable VPC Flow Logs for the subnet. Analyze the logs and get the source IP addresses from the connection field.
  • C. Enable VPC Flow Logs for the VPAnalyze the logs and get the source IP addresses from the src_location field.
  • D. Enable Data Access audit logs of the subnet. Analyze the logs and get the source IP addresses from the networks.get field.
Suggested Answer: B 🗳️

Comments

ccieman2016
Highly Voted 1 year, 11 months ago
Selected Answer: B
I think B is correct: enable VPC flow on subnet. A and D are wrong; there, Audit is to check configuration changes.
upvoted 7 times
...
PeppaPig
Most Recent 2 months, 3 weeks ago
B is correct. For example, the connection field is of the IpConnection format, which contains the source and destination IP address and port, plus the protocol: https://cloud.google.com/vpc/docs/about-flow-logs-records
upvoted 1 times
...
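Added example, not part of any commenter's post: once flow logs are enabled on the subnet, this is one way to rank the sources of traffic reaching a VM from the `connection` field described above. The sample records, the VM address `10.128.0.5` and the function name `top_sources` are constructed for illustration; only the `jsonPayload` field names follow the VPC Flow Logs record format.

```python
import json
from collections import Counter

# Constructed sample records (not real traffic), one exported log entry per line.
SAMPLE_LOG_LINES = """\
{"jsonPayload": {"reporter": "DEST", "connection": {"src_ip": "203.0.113.7", "src_port": 40112, "dest_ip": "10.128.0.5", "dest_port": 443, "protocol": 6}, "packets_sent": "1200", "bytes_sent": "96000"}}
{"jsonPayload": {"reporter": "DEST", "connection": {"src_ip": "203.0.113.7", "src_port": 40113, "dest_ip": "10.128.0.5", "dest_port": 443, "protocol": 6}, "packets_sent": "800", "bytes_sent": "64000"}}
{"jsonPayload": {"reporter": "DEST", "connection": {"src_ip": "198.51.100.23", "src_port": 51000, "dest_ip": "10.128.0.5", "dest_port": 443, "protocol": 6}, "packets_sent": "50", "bytes_sent": "4000"}}
{"jsonPayload": {"reporter": "SRC", "connection": {"src_ip": "10.128.0.5", "src_port": 443, "dest_ip": "203.0.113.7", "dest_port": 40112, "protocol": 6}, "packets_sent": "900", "bytes_sent": "700000"}}
{"jsonPayload": {"reporter": "DEST", "connection": {"src_ip": "10.128.0.9", "src_port": 50022, "dest_ip": "10.128.0.5", "dest_port": 22, "protocol": 6}, "packets_sent": "10", "bytes_sent": "900"}}
{"jsonPayload": {"reporter": "SRC", "connection": {"src_ip": "10.128.0.9", "src_port": 50022, "dest_ip": "10.128.0.5", "dest_port": 22, "protocol": 6}, "packets_sent": "10", "bytes_sent": "900"}}
{"jsonPayload": {"reporter": "DEST", "connection": {"src_ip": "203.0.113.7", "src_port": 40200, "dest_ip": "10.128.0.6", "dest_port": 80, "protocol": 6}, "packets_sent": "5", "bytes_sent": "300"}}
this line is not JSON and must be skipped
"""


def top_sources(log_lines, vm_ip, limit=3):
    """Return [(src_ip, packets, bytes)] for traffic sent to vm_ip, busiest first."""
    packets, volume = Counter(), Counter()
    for line in log_lines.splitlines():
        try:
            payload = json.loads(line).get("jsonPayload", {})
        except json.JSONDecodeError:
            continue  # tolerate truncated or non-JSON lines in an export
        conn = payload.get("connection") or {}
        # Inbound only: the VM is the destination. A flow between two logged
        # VMs is reported by both ends, so count the DEST report only.
        if conn.get("dest_ip") != vm_ip or payload.get("reporter") != "DEST":
            continue
        src = conn.get("src_ip")
        if not src:
            continue
        # int64 counters are serialized as strings in the JSON export.
        packets[src] += int(payload.get("packets_sent", 0))
        volume[src] += int(payload.get("bytes_sent", 0))
    return [(ip, count, volume[ip]) for ip, count in packets.most_common(limit)]


if __name__ == "__main__":
    for ip, pkts, size in top_sources(SAMPLE_LOG_LINES, "10.128.0.5"):
        print(f"{ip:<16} packets={pkts:<6} bytes={size}")
```

Flow logs are sampled, so the totals are relative indicators of which sources dominate rather than exact packet counts.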
thewalker
7 months ago
Selected Answer: C
VPC Flow Logs can be used to log all the incoming and outgoing traffic for a VPC. The logs include information about the source and destination IP addresses, the ports, the protocols, and the packet sizes. To enable VPC Flow Logs for a VPC, you can use the following command:

    gcloud compute networks logs enable my-vpc \
      --project=my-project \
      --log-name=my-vpc-flow-logs

Once VPC Flow Logs are enabled, you can use the gcloud logging read command to analyse the logs. For example, the following command will show you all the incoming traffic for the VM with the IP address 10.0.0.1:

    gcloud logging read \
      "resource.type=gce_instance AND resource.labels.instance_name=my-vm AND jsonPayload.src_location=10.0.0.1"

The output of the command will include the source IP addresses of all the incoming traffic for the VM.
upvoted 1 times
thewalker
7 months ago
The other options are incorrect because:

A. Enable Data Access audit logs of the VPC. Analyse the logs and get the source IP addresses from the subnetworks.get field. Data Access audit logs do not include information about the source IP addresses of the incoming traffic.

B. Enable VPC Flow Logs for the subnet. Analyse the logs and get the source IP addresses from the connection field. VPC Flow Logs for a subnet only include information about the traffic that enters or leaves the subnet. They do not include information about the traffic that is destined for a VM in the subnet.

D. Enable Data Access audit logs of the subnet. Analyse the logs and get the source IP addresses from the networks.get field. Data Access audit logs do not include information about the source IP addresses of the incoming traffic.

Therefore, the best option is to enable VPC Flow Logs for the VPC and analyse the logs to get the source IP addresses of the incoming traffic.
upvoted 1 times
...
...
didek1986
1 year, 3 months ago
Selected Answer: C
For now B is correct, but I marked C to pay attention to how the question is formalised in the exam. I do not know what VPAnalyze is, but if it were named differently then C could be correct because: "src_location GeographicDetails If the source of the connection was external to the VPC, this field is populated with available location metadata." so no need to use connection failed
upvoted 2 times
Loved
1 year, 2 months ago
VPAnalyze ---> VPC. Analyze...
upvoted 1 times
...
...
pk349
1 year, 10 months ago
• B. Enable VPC Flow Logs for the ***** subnet. Analyze the logs and get the source IP addresses from the connection field.
upvoted 1 times
...
nosense
1 year, 11 months ago
Selected Answer: B
B is right. To record network flows sent from and received by VM instances, the best approach would be to use the VPC Flow Logs feature. If enabled for a subnet, VPC flow logs collect data from all VM instances in that subnet. C - can't find information about VPAnalyze.
upvoted 2 times
...