Google Cloud Professional Cloud Security Engineer Practice Exam

How can you enforce network security while using VPC peering?

• A. Implement encryption across all traffic
• B. Configure firewall rules for peered networks
• C. Use separate billing accounts for each VPC
• D. Limit peering connections to a single organization

The correct answer is: Configure firewall rules for peered networks

Configuring firewall rules for peered networks is a key method for enforcing network security in a VPC (Virtual Private Cloud) peering setup. When VPCs are peered, they can communicate with each other as if they were on the same network. However, to ensure that this communication is secure and controlled, it's essential to specify the firewall rules that dictate what traffic is allowed or denied between the peered VPCs. By configuring firewall rules, you can achieve granular control over inbound and outbound traffic, defining which resources can interact with one another. This includes specifying protocols, ports, and IP ranges that can be accessed, effectively creating a layer of security that manages inter-VPC communications. This ensures that only authorized traffic is permitted, helping to prevent unauthorized access and potential data breaches. The other options, while related to security and billing practices, do not directly enhance the security of the network traffic between peered VPCs. Implementing encryption can protect the data in transit but does not control access between the VPCs. Using separate billing accounts pertains more to cost management rather than security, and limiting peering connections to a single organization addresses organizational constraints rather than improving security controls at the network level.