Exam4Training

Which Google Cloud product or feature should your organization use?

Your organization runs all its workloads on Compute Engine virtual machine instances. Your organization has a security requirement: the virtual machines are not allowed to access the public internet. The workloads running on those virtual machines need to access BigQuery and Cloud Storage, using their publicly accessible interfaces, without violating the security requirement.

Which Google Cloud product or feature should your organization use?
A . Identity-Aware Proxy
B. Cloud NAT (network address translation)
C. VPC internal load balancers
D. Private Google Access

Answer: D

Explanation:

VM instances that only have internal IP addresses (no external IP addresses) can use Private Google Access. They can reach the external IP addresses of Google APIs and services. The source IP address of the packet can be the primary internal IP address of the network interface or an address in an alias IP range that is assigned to the interface. If you disable Private Google Access, the VM instances can no longer reach Google APIs and services; they can only send traffic within the VPC network.

https://cloud.google.com/vpc/docs/configure-private-google-access

Exit mobile version