Which TWO are best practices when designing a VPC network for a multi-tier application in Google Cloud?
Trap 1: Disable VPC Flow Logs to reduce cost.
VPC Flow Logs are valuable for security analysis.
Trap 2: Use a single subnet for all tiers to simplify IP management.
This combines all traffic and reduces security.
Trap 3: Rely on the default priority of firewall rules to ensure proper…
Always set explicit priorities to avoid unintended effects.
- A
Disable VPC Flow Logs to reduce cost.
Why wrong: VPC Flow Logs are valuable for security analysis.
- B
Create separate subnets for each application tier.
Subnets allow segmentation and granular firewall rules.
- C
Use firewall rules to restrict traffic between tiers to only necessary ports.
Minimize attack surface by allowing only required communication.
- D
Use a single subnet for all tiers to simplify IP management.
Why wrong: This combines all traffic and reduces security.
- E
Rely on the default priority of firewall rules to ensure proper ordering.
Why wrong: Always set explicit priorities to avoid unintended effects.