Your team needs to make sure that a Compute Engine instance does not have access to the internet or to any Google APIs or services.
Which two settings must remain disabled to meet these requirements? (Choose two.)
Click on the arrows to vote for the correct answer
A. B. C. D. E.CD.
https://cloud.google.com/vpc/docs/configure-private-google-accessTo prevent a Compute Engine instance from accessing the internet or any Google APIs or services, two settings must remain disabled: Public IP and Private Google Access.
A. Public IP: A public IP address allows an instance to communicate with the internet and other external networks. Disabling public IP address will prevent instances from accessing the internet.
B. IP Forwarding: IP forwarding is a feature that allows an instance to forward network traffic to other instances or networks. Disabling IP forwarding will prevent instances from forwarding traffic to other instances or networks.
C. Private Google Access: Private Google Access allows instances to reach Google APIs and services using internal IP addresses instead of public IP addresses. Disabling private Google access will prevent instances from accessing Google APIs and services.
D. Static routes: Static routes are used to configure routing tables for instances to direct network traffic. Disabling static routes will prevent instances from using custom routing rules to access the internet or Google APIs and services.
E. IAM Network User Role: This is not relevant for the question as it's a role that allows a user to create, modify or delete roles for a particular project's networks.
Therefore, the correct answer is A. Public IP and C. Private Google Access.