Google Cloud Associate Cloud Engineer — Question 90

You deployed an LDAP server on Compute Engine that is reachable via TLS through port 636 using UDP. You want to make sure it is reachable by clients over that port. What should you do?

Answer options

• A. Add the network tag allow-udp-636 to the VM instance running the LDAP server.
• B. Create a route called allow-udp-636 and set the next hop to be the VM instance running the LDAP server.
• C. Add a network tag of your choice to the instance. Create a firewall rule to allow ingress on UDP port 636 for that network tag.
• D. Add a network tag of your choice to the instance running the LDAP server. Create a firewall rule to allow egress on UDP port 636 for that network tag.

Correct answer: C

Explanation

The correct answer is C because it specifies creating a firewall rule that permits incoming traffic on UDP port 636 for a designated network tag, ensuring clients can reach the LDAP server. Option A only adds a tag without creating a rule, B creates a route which is not necessary in this scenario, and D addresses egress traffic instead of ingress, which is not what is needed for client access.