Question 1

You are implementing VPC Service Controls to protect BigQuery and Cloud Storage. However, a specific third-party partner needs to upload files to a specific Cloud Storage bucket from their corporate IP address, which is outside your GCP network. Which TWO configurations can you use to allow this specific access while maintaining the perimeter? (Select TWO)

Accepted Answer

Identify the mechanisms within VPC Service Controls and Access Context Manager used to punch secure holes in a perimeter.

Question 2

What mistakes do candidates make on this GCP PCA question?

Accepted Answer

Choosing Egress rules (C), confusing traffic direction. The partner is outside coming *in* (Ingress).

How to approach this question

Full Answer

Common mistakes

Practice the full GCP Professional Cloud Architect Practice Exam 6

More questions from this exam