Google Cloud VPC Firewall Configuration Guide

Configuring Firewall Rules for SSH Access in Your VPC

Question

You created a new VPC for your development team.

You want to allow access to the resources in this VPC via SSH only.

How should you configure your firewall rules?

Answers

Explanations


A. B. C. D.

C.

https://geekflare.com/gcp-firewall-configuration/

The correct answer for this question is option C: Create a single firewall rule to allow port 22 with priority 1000.

Here's the detailed explanation:

Firewall rules control network traffic into and out of a VPC. They allow or block traffic based on the specified protocol, port, and IP address range. Each rule carries a priority, and that priority determines the order in which the rules are evaluated: in ascending order of priority, from the lowest number to the highest number. If a rule matches a traffic flow, it's applied, and the evaluation stops.

In this scenario, we want to allow SSH access to the resources in the VPC. SSH uses port 22 by default, so we need to create a firewall rule that allows traffic on port 22.

Option A suggests creating two firewall rules - one to block all traffic and another to allow port 22. While this approach would technically work, it's not the most efficient way to configure the firewall rules. Since firewall rules are evaluated in order of priority, the first rule that blocks all traffic would prevent any traffic from entering the VPC, including SSH traffic on port 22. Therefore, we would not be able to access the resources in the VPC via SSH. Option A is therefore incorrect.

Option B suggests creating two firewall rules - one to block all traffic and another to allow port 3389. However, port 3389 is used for Remote Desktop Protocol (RDP), not SSH. Therefore, option B is incorrect.

Option D suggests creating a firewall rule to allow port 3389. As mentioned earlier, this port is used for RDP, not SSH. Therefore, option D is also incorrect.

Option C is the correct answer. It suggests creating a single firewall rule to allow port 22 with priority 1000. This rule will allow SSH traffic into the VPC and block all other traffic. Since it has the highest priority (1000), it will be evaluated first, and all traffic on port 22 will be allowed. This is the most efficient way to configure the firewall rules for this scenario.
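The evaluation order described above can be modeled in a few lines. This is an added example, not part of the original explanation. It goes slightly beyond the question by including the implied deny-all ingress rule that every VPC network has at priority 65535 and the tie-break where a deny rule wins over an allow at the same priority. The rule names, the priority 500 and the omission of source ranges are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    name: str
    priority: int                       # 0-65535; a lower number is evaluated first
    action: str                         # "allow" or "deny"
    protocol: str                       # "tcp", "udp" or "all"
    ports: Optional[frozenset] = None   # None means every port

    def matches(self, protocol: str, port: int) -> bool:
        if self.protocol not in ("all", protocol):
            return False
        return self.ports is None or port in self.ports

# Every VPC network carries an implied deny-all ingress rule at the last priority.
IMPLIED_DENY_INGRESS = Rule("implied-deny-ingress", 65535, "deny", "all")

def evaluate_ingress(rules, protocol, port):
    """Return (action, rule name) of the first rule that matches the flow."""
    # Ascending priority number; at equal priority a deny sorts before an allow.
    ordered = sorted(list(rules) + [IMPLIED_DENY_INGRESS],
                     key=lambda r: (r.priority, r.action != "deny"))
    for rule in ordered:
        if rule.matches(protocol, port):
            return rule.action, rule.name
    raise AssertionError("unreachable: the implied rule matches every flow")

# Constructed rule sets (hypothetical names; priority 500 is illustrative).
SINGLE_ALLOW = [Rule("allow-ssh", 1000, "allow", "tcp", frozenset({22}))]
DENY_FIRST = [Rule("deny-all", 500, "deny", "all"),
              Rule("allow-ssh", 1000, "allow", "tcp", frozenset({22}))]

if __name__ == "__main__":
    for label, rules in (("single allow", SINGLE_ALLOW), ("deny first", DENY_FIRST)):
        for proto, port in (("tcp", 22), ("tcp", 3389), ("tcp", 80)):
            print(label, proto, port, evaluate_ingress(rules, proto, port))
```

With the single allow rule, only TCP port 22 is admitted and every other flow falls through to the implied deny. When a deny-all rule has a lower priority number than the allow rule, SSH is blocked as well.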