You are running a real-time gaming application on Compute Engine that has a production and testing environment. Each environment has its own Virtual Private Cloud (VPC) network. The application frontend and backend servers are located on different subnets in the environment’s VPC. You suspect there is a malicious process communicating intermittently in your production front-end servers. You want to ensure that network traffic is captured for analysis. What should you do?
A. Enable VPC Flow Logs on the production VPC network frontend and backend subnets only with a sample volume scale of 0.5.
B. Enable VPC Flow Logs on the production VPC network frontend and backend subnets only with a sample volume scale of 1.0.
C. Enable VPC Flow Logs on the testing and production VPC network frontend and backend subnets with a volume scale of 0.5. Apply changes in testing before production.
D. Enable VPC Flow Logs on the testing and production VPC network frontend and backend subnets with a volume scale of 1.0. Apply changes in testing before production.
Disclaimer
This is a practice question. There is no guarantee that this question will appear in the certification exam.
Answer
B
Explanation
VPC Flow Logs is a feature that lets you capture network traffic data in your VPC network. To ensure that all network traffic is captured for analysis, enable VPC Flow Logs on the production VPC network frontend and backend subnets with a sample volume scale of 1.0. This will capture all network traffic data, including that of the potentially malicious process, for further analysis.
Option A (enable VPC Flow Logs on the production VPC network frontend and backend subnets only with a sample volume scale of 0.5) is not adequate: it captures only half of the network traffic, so there is a chance that the logs of the malicious process are not captured.
Options C and D (enable VPC Flow Logs on the testing and production VPC network frontend and backend subnets with a volume scale of 0.5 or 1.0, applying changes in testing before production) are not necessary: what matters is having the logs in the production environment to detect and mitigate the problem.
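The following Python sketch is an added example, not part of the original question or of Google's documentation. It shows the kind of analysis the captured logs allow (finding destinations that frontend hosts contact only a few times) and why a 0.5 scale can lose such a process. The record fields follow the VPC Flow Logs `jsonPayload` layout; the subnet range, addresses, ports and the independent per-record sampling model are assumptions made for the example.

```python
import ipaddress
from collections import defaultdict

# RFC 1918 ranges, used to tell internal peers from external ones.
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
FRONTEND = ipaddress.ip_network("10.10.1.0/24")  # assumed frontend subnet

def rec(src, dst, port, nbytes, start):
    """Build one constructed record shaped like a flow log jsonPayload."""
    return {"connection": {"src_ip": src, "dest_ip": dst,
                           "dest_port": port, "protocol": 6},
            "bytes_sent": str(nbytes), "start_time": start}

# Constructed sample data: steady frontend-to-backend traffic plus three
# short flows to one external address spread across the hour.
RECORDS = (
    [rec("10.10.1.7", "10.10.2.15", 8443, 52000, f"2024-01-01T00:{m:02d}:00Z")
     for m in range(0, 60, 2)]
    + [rec("10.10.1.7", "203.0.113.50", 443, 310, t)
       for t in ("2024-01-01T00:07:00Z", "2024-01-01T00:31:00Z",
                 "2024-01-01T00:58:00Z")]
)

def rare_external_peers(records, max_flows=5):
    """Return {dest_ip: (flow_count, total_bytes)} for external destinations
    that frontend hosts contacted in at most max_flows records."""
    seen = defaultdict(lambda: [0, 0])
    for r in records:
        c = r["connection"]
        src = ipaddress.ip_address(c["src_ip"])
        dst = ipaddress.ip_address(c["dest_ip"])
        if src in FRONTEND and not any(dst in net for net in INTERNAL):
            seen[c["dest_ip"]][0] += 1
            seen[c["dest_ip"]][1] += int(r["bytes_sent"])
    return {ip: tuple(v) for ip, v in seen.items() if v[0] <= max_flows}

def miss_probability(n_records, sampling_rate):
    """Chance that none of n_records is kept, modelling the configured rate
    as an independent keep/drop decision per record (a simplification)."""
    return (1.0 - sampling_rate) ** n_records

if __name__ == "__main__":
    print(rare_external_peers(RECORDS))
    print(miss_probability(3, 0.5), miss_probability(3, 1.0))
```

Under this model, three intermittent flows are lost entirely one time in eight at a scale of 0.5 and never at 1.0.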