Domain 2: Managing and Provisioning a Solution Infrastructure — GCP PCA Practice Question 39

How to approach this question

Use a single Custom VPC with multiple subnets, and use firewall rules to control the flow between them.

Full Answer

Place the web tier and database tier in separate subnets within the same Custom Mode VPC. Create firewall rules allowing ingress from the internet to the web tier, and ingress from the web tier to the database tier.

Best practice for a multi-tier application is to use a single Custom Mode VPC (Option A) with separate subnets for each tier. By default, GCP VPCs block all inbound traffic. You must create specific firewall rules (Option C) to allow internet traffic to the web tier, and allow the web tier to talk to the database tier. The database VMs should not have external IPs.

Common mistakes

Choosing multiple VPCs (B). This adds unnecessary complexity. VPCs are global and subnets provide logical grouping.

How to approach this question

Full Answer

Common mistakes

Practice the full GCP Professional Cloud Architect Practice Exam 4

More questions from this exam