Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. Discussions
  3. Google
  4. Google Cloud Platform
  5. Professional-Cloud-Network-Engineer Discussions
  6. Professional-Cloud-Network-Engineer Exam Topic 6 Question 55 Discussion
 Google Discussions
Exam Professional-Cloud-Network-Engineer All Questions
Exam Professional-Cloud-Network-Engineer All Questions

View all questions & answers for the Professional-Cloud-Network-Engineer exam

Go to Exam

Google Cloud Platform Professional-Cloud-Network-Engineer Question # 55 Topic 6 Discussion

Professional-Cloud-Network-Engineer Exam Topic 6 Question 55 Discussion:
Question #: 55
Topic #: 6

You are configuring an HA VPN connection between your Virtual Private Cloud (VPC) and on-premises network. The VPN gateway is named VPN_GATEWAY_1. You need to restrict VPN tunnels created in the project to only connect to your on-premises VPN public IP address: 203.0.113.1/32. What should you do?
A.

Configure a firewall rule accepting 203.0.113.1/32, and set a target tag equal to VPN_GATEWAY_1.

B.

Configure the Resource Manager constraint constraints/compute.restrictVpnPeerIPs to use an allowList consisting of only the 203.0.113.1/32 address.

C.

Configure a Google Cloud Armor security policy, and create a policy rule to allow 203.0.113.1/32.

D.

Configure an access control list on the peer VPN gateway to deny all traffic except 203.0.113.1/32, and attach it to the primary external interface.

Get Premium Professional-Cloud-Network-Engineer Questions
Actual exam question for Google Professional-Cloud-Network-Engineer exam by Riven5449 at May 3, 2026, 4:52:56 PM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit