Google Cloud Professional Cloud Security Engineer Practice Exam


What should be configured to allow only specific VM communication on a particular port within a VPC?

  1. Network peering

  2. Firewall rules

  3. Interconnects

  4. Subnet segmentation

The correct answer is: Firewall rules

To allow only specific virtual machine (VM) communication on a particular port within a Virtual Private Cloud (VPC), firewall rules are the mechanism to configure. Firewall rules in Google Cloud Platform (GCP) control traffic to and from VM instances based on specified criteria, such as IP ranges, protocols, ports, and target tags. By defining precise firewall rules, you specify which VMs are allowed to communicate with each other on designated ports.

For example, to permit only certain VMs to connect over TCP port 80, you create a firewall rule that explicitly allows traffic from the source VM or network to the target VM on that port, while rejecting or blocking any unauthorized traffic. This gives granular control over the communication and improves the security posture of the environment.

In contrast, network peering connects two VPC networks, interconnects provide a direct connection between on-premises networks and Google Cloud, and subnet segmentation divides a network into smaller subnetworks. While these elements matter in overall network design, none of them directly restricts communication on specific ports, which makes firewall rules the appropriate choice for this scenario.