Professional Cloud Network Engineer Exam Questions

Professional Cloud Network Engineer Exam - Question 37


Your company is running out of network capacity to run a critical application in the on-premises data center. You want to migrate the application to GCP. You also want to ensure that the Security team does not lose their ability to monitor traffic to and from Compute Engine instances.

Which two products should you incorporate into the solution? (Choose two.)

Correct Answer: ABCD

To ensure the Security team does not lose their ability to monitor traffic to and from Compute Engine instances, VPC flow logs and Firewall logs should be incorporated into the solution. VPC flow logs provide detailed information about network traffic, capturing network flows sent from and received by VM instances. Firewall logs allow the monitoring of traffic that has been allowed or denied by firewall rules, offering insights into the actions taken by the firewall on specific connections. Together, these logs provide comprehensive visibility into network activity, which is essential for security monitoring. Cloud Audit logs track administrative actions, Stackdriver Trace is used for debugging performance issues, and Compute Engine instance system logs provide information about the instances themselves, rather than the network traffic, making them less relevant for this requirement.
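The two log sources named above complement each other: VPC Flow Logs give sampled volume per flow, Firewall Rules Logging gives the allow/deny decision and the rule that made it. The following added example (not from the exam page or from Google) parses constructed Cloud Logging entries of both types, keyed on the shared `connection` fields, to rebuild the per-VM traffic view a security team expects; the project, VPC, VM and rule names and all addresses are made up.

```python
from collections import defaultdict

# Constructed sample entries shaped like Cloud Logging records for the two log
# types discussed above. Field names follow the public VPC Flow Logs and
# Firewall Rules Logging record formats; project, names and numbers are invented.
FLOW_LOG = "compute.googleapis.com%2Fvpc_flows"
FW_LOG = "compute.googleapis.com%2Ffirewall"
SAMPLE_LOG = [
    {"logName": f"projects/demo-proj/logs/{FLOW_LOG}",
     "jsonPayload": {"reporter": "DEST",
                     "connection": {"src_ip": "203.0.113.7", "src_port": 51515,
                                    "dest_ip": "10.128.0.5", "dest_port": 443, "protocol": 6},
                     "dest_instance": {"vm_name": "app-1"},
                     "bytes_sent": 18230, "packets_sent": 40}},
    {"logName": f"projects/demo-proj/logs/{FW_LOG}",
     "jsonPayload": {"disposition": "ALLOWED",
                     "connection": {"src_ip": "203.0.113.7", "src_port": 51515,
                                    "dest_ip": "10.128.0.5", "dest_port": 443, "protocol": 6},
                     "instance": {"vm_name": "app-1"},
                     "rule_details": {"reference": "network:prod-vpc/firewall:allow-https",
                                      "action": "ALLOW", "direction": "INGRESS"}}},
    {"logName": f"projects/demo-proj/logs/{FW_LOG}",
     "jsonPayload": {"disposition": "DENIED",
                     "connection": {"src_ip": "198.51.100.9", "src_port": 40001,
                                    "dest_ip": "10.128.0.5", "dest_port": 22, "protocol": 6},
                     "instance": {"vm_name": "app-1"},
                     "rule_details": {"reference": "network:prod-vpc/firewall:deny-ssh",
                                      "action": "DENY", "direction": "INGRESS"}}}]

def summarize(entries):
    """Bytes per flow (VPC Flow Logs) and allow/deny decisions per flow (firewall logs)."""
    flows, decisions = defaultdict(int), defaultdict(list)
    for e in entries:
        p = e["jsonPayload"]
        c = p["connection"]
        key = (c["src_ip"], c["dest_ip"], c["dest_port"], c["protocol"])
        if e["logName"].endswith(FLOW_LOG):
            # Flow logs are sampled, so this is a lower bound on bytes transferred.
            flows[key] += p["bytes_sent"]
        elif e["logName"].endswith(FW_LOG):
            # The rule name is the last part of "network:NET/firewall:RULE".
            rule = p["rule_details"]["reference"].rsplit("firewall:", 1)[1]
            decisions[key].append((p["disposition"], rule))
    return flows, decisions

def denied_to_vm(entries, vm_name):
    """Source IP and destination port of every denied attempt against one VM."""
    return [(e["jsonPayload"]["connection"]["src_ip"], e["jsonPayload"]["connection"]["dest_port"])
            for e in entries if e["logName"].endswith(FW_LOG)
            and e["jsonPayload"]["disposition"] == "DENIED"
            and e["jsonPayload"]["instance"]["vm_name"] == vm_name]
```

Both log types have to be switched on per resource (flow logs per subnet, logging per firewall rule) before entries like these appear in Cloud Logging.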

Discussion

11 comments
ESP_SAP (Options: AB)
Nov 2, 2020

Correct Answers are (A) & (B):

A: Using VPC Flow Logs. VPC Flow Logs records a sample of network flows sent from and received by VM instances, including instances used as GKE nodes. These logs can be used for network monitoring, forensics, real-time security analysis, and expense optimization. https://cloud.google.com/vpc/docs/using-flow-logs

(B): Firewall Rules Logging overview. Firewall Rules Logging allows you to audit, verify, and analyze the effects of your firewall rules. For example, you can determine if a firewall rule designed to deny traffic is functioning as intended. Firewall Rules Logging is also useful if you need to determine how many connections are affected by a given firewall rule. You enable Firewall Rules Logging individually for each firewall rule whose connections you need to log. Firewall Rules Logging is an option for any firewall rule, regardless of the action (allow or deny) or direction (ingress or egress) of the rule. https://cloud.google.com/vpc/docs/firewall-rules-logging

AzureDP900
Nov 15, 2022

Agreed, A & B perfect.

Komal697 (Options: AB)
Mar 30, 2023

A. VPC flow logs
B. Firewall logs

Both VPC flow logs and Firewall logs can be used to monitor network traffic to and from Compute Engine instances. VPC flow logs provide visibility into network flows within a VPC network, while Firewall logs provide visibility into firewall rules that are applied to traffic. Incorporating both these products into the solution will ensure that the Security team does not lose their ability to monitor traffic to and from Compute Engine instances. Cloud Audit logs are used to track who did what, where, and when across Google Cloud resources, and Stackdriver Trace is used to debug performance issues in applications, but they are not directly relevant to monitoring network traffic in this scenario. Compute Engine instance system logs provide information about the instances themselves, but not about the traffic flowing to and from them.

[Removed] (Options: AB)
Nov 20, 2020

Ans - AB

Vidyasagar (Options: AB)
Mar 24, 2021

A and B

Arad (Options: AB)
Nov 19, 2021

A & B are correct.

kumarp6 (Options: AB)
Jan 4, 2022

Answer is: A and

kapara (Options: AB)
Jun 26, 2022

Only A & B answer to the requirements.

Ben756 (Options: AB)
Mar 9, 2023

The two products that should be incorporated into the solution to ensure that the Security team does not lose their ability to monitor traffic to and from Compute Engine instances are:

A. VPC flow logs: This will allow you to capture network flows at the Virtual Private Cloud (VPC) level, including information such as source and destination IP addresses, ports, protocol, and bytes transferred.
B. Firewall logs: This will allow you to capture information about the traffic that has been allowed or denied by the firewall rules that are applied to your Compute Engine instances.

Therefore, options A and B are the correct answers.

pk349 (Options: AB)
Jan 14, 2023

A. VPC flow logs: VPC Flow Logs records a sample of network flows sent from and received by VM instances, including instances used as Google Kubernetes Engine nodes. These logs can be used for network monitoring, forensics, real-time security analysis, and expense optimization.
B. Firewall logs: Firewall log analysis can be used to discover suspicious network activity that could indicate malicious threat actors breaching a network and can help greatly improve an organization's firewall effectiveness. A firewall analyzer helps by monitoring how the firewall handles traffic.

Hetavi (Options: AB)
May 24, 2023

Ans is A and B because they want to monitor traffic from VMs, so there is no point in monitoring audit logs and system logs.

SuperDevops
Jun 17, 2024

This site used to be good, now it's horrible, you have to pay to get all the questions