A security team wants firewall rules to follow VM identity and be harder for instance admins to alter casually by editing metadata. Which targeting method should it prefer?

ATarget and source service accounts

BNetwork tags

CCloud NAT rules

DExternal IP address ranges only

More Configuring access and security Questions

46 questions

Full Google Cloud Associate Cloud Engineer Practice Test

All topics covered

All Google Cloud Associate Cloud Engineer Questions

Browse by topic

Related Questions

Which IAM role type should generally not be used in production because it is highly permissive?...

easy

Which role lets a principal attach a service account to a resource, but does not let the principal u...

easy

Which role allows a principal to create short-lived credentials for a service account and use the gc...

easy

A contractor must upload objects to a bucket but must not be able to view, delete, or overwrite exis...

medium

An analyst needs to read objects and list bucket contents, but must not modify data. Which Cloud Sto...

medium

View all Configuring access and security questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.