🔥 3-day streak
Professional Cloud Security Engineer44 / 152
Question 44 of 152

A security operations team at a financial services company needs to investigate a suspected data exfiltration incident. Several private VMs in a subnet use Cloud NAT for outbound internet access to reach a partner API. The team needs to determine exactly which destination IP addresses and ports the VMs connected to during a specific time window, and whether any connections were dropped due to NAT port exhaustion. Currently no NAT observability is configured. What should the team enable to obtain this evidence with the least operational overhead?

Reviewed for accuracy · Report an issueNext question