Google Cloud Professional Cloud Network Engineer — Question 13

You created a new VPC network named Dev with a single subnet. You added a firewall rule for the network Dev to allow HTTP traffic only and enabled logging.
When you try to log in to an instance in the subnet via Remote Desktop Protocol, the login fails. You look for the Firewall rules logs in Stackdriver Logging, but you do not see any entries for blocked traffic. You want to see the logs for blocked traffic.
What should you do?

Answer options

Correct answer: D

Explanation

The correct answer is D. The only rule with logging enabled is the HTTP allow rule, and the RDP traffic never matches it: it is dropped by the implied deny ingress rule, which does not generate firewall rule log entries. Creating a firewall rule with a high priority to deny all traffic and enabling logging on it captures logs for any blocked traffic, including the failed login attempts. The other options do not address the requirement to see logs for blocked traffic: they either check other logs that may not provide the needed information or allow traffic instead of denying it.