Google Cloud Professional Cloud Architect — Question 81

Your organization has a 3-tier web application deployed in the same network on Google Cloud Platform. Each tier (web, API, and database) scales independently of the others. Network traffic should flow through the web to the API tier and then on to the database tier. Traffic should not flow between the web and the database tier.
How should you configure the network?

Answer options

• A. Add each tier to a different subnetwork
• B. Set up software based firewalls on individual VMs
• C. Add tags to each tier and set up routes to allow the desired traffic flow
• D. Add tags to each tier and set up firewall rules to allow the desired traffic flow

Correct answer: D

Explanation

The correct answer is D because using firewall rules allows you to explicitly control which traffic is allowed between the tiers, ensuring that only the desired communication occurs. Options A and C do not provide the necessary control over traffic flow between the web and database tiers, while option B lacks the granularity needed to enforce such restrictions effectively.