🔥 3-day streak
Professional Cloud Security Engineer46 / 152
Question 46 of 152

A financial services company runs a fleet of backend processing VMs in a private subnet within a Shared VPC. Organization policy prohibits assigning external IP addresses to these VMs. However, the VMs must periodically download OS security patches and pull dependencies from public package repositories on the internet. Inbound connections from the internet to these VMs must remain impossible. What should the security engineer configure to meet these requirements?

Reviewed for accuracy · Report an issueNext question