Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Google Exam Professional Cloud Network Engineer Topic 2 Question 104 Discussion

Actual exam question for Google's Professional Cloud Network Engineer exam
Question #: 104
Topic #: 2
[All Professional Cloud Network Engineer Questions]

Your organization has a new security policy that requires you to monitor all egress traffic payloads from your virtual machines in the us-west2 region. You deployed an intrusion detection system (IDS) virtual appliance in the same region to meet the new policy. You now need to integrate the IDS into the environment to monitor all egress traffic payloads from us-west2. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: C

Packet Mirroring with an internal TCP/UDP load balancer allows for comprehensive monitoring of egress traffic, which includes payloads. This is required for integration with an IDS for detailed inspection of traffic payloads, meeting the security policy needs for monitoring and detection.


by Francene at Mar 20, 2025, 06:36 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Network Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Deeanna
7 days ago
Packet Mirroring is the way to go, but I can't decide if I should use HTTP(S) or TCP/UDP. Maybe I should just flip a coin, or ask the IDS for its opinion.
upvoted 0 times
...
Lilli
8 days ago
Option A? Seriously? Forwarding firewall logs to the IDS? That's so 2010, man. We're in the 21st century, let's use some modern tech like Packet Mirroring!
upvoted 0 times
...
Curtis
9 days ago
I'm torn between B and C. Both of them involve using Packet Mirroring, but I'm not sure if I should go with HTTP(S) or TCP/UDP load balancer. Hmm, decisions, decisions.
upvoted 0 times
...
Bernardine
24 days ago
I'd go with Option D. Enabling VPC Flow Logs and creating a sink in Cloud Logging to send the filtered egress logs to the IDS seems like a neat and tidy solution.
upvoted 0 times
Garry
3 days ago
Definitely, Option D simplifies the process of integrating the IDS to monitor all egress traffic from us-west2.
upvoted 0 times
...
Cherri
12 days ago
I agree, Option D is the way to go. It provides a straightforward solution for monitoring egress traffic payloads.
upvoted 0 times
...
Staci
17 days ago
Option D sounds like the best choice. Enabling VPC Flow Logs and creating a sink in Cloud Logging seems efficient.
upvoted 0 times
...
...
Oliva
28 days ago
I agree with Erick, VPC Flow Logs are more comprehensive for monitoring egress traffic.
upvoted 0 times
...
Erick
1 months ago
I disagree, I believe option D is the best choice as it involves VPC Flow Logs.
upvoted 0 times
...
Ceola
1 months ago
I think we should go with option A and enable firewall logging.
upvoted 0 times
...
Leonida
1 months ago
Option B sounds like the way to go. Setting up an internal HTTP(S) load balancer for Packet Mirroring and adding a filter for egress traffic seems like the most straightforward approach.
upvoted 0 times
Naomi
17 days ago
I think I'll go ahead and implement that solution to integrate the IDS into the environment for monitoring egress traffic from us-west2.
upvoted 0 times
...
Bonita
18 days ago
I agree, it's a good way to ensure all egress traffic payloads are monitored as required by the new security policy.
upvoted 0 times
...
Gennie
21 days ago
Option B sounds like the way to go. Setting up an internal HTTP(S) load balancer for Packet Mirroring and adding a filter for egress traffic seems like the most straightforward approach.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77