Your product team has web servers running on both us-east1 and us-west1 regions in the prod-servers project. Your security team plans to install an intrusion detection system (IDS) in their own Google Cloud project to inspect the incoming network traffic. What should you do?
A. Create a new project and a VPC for the security team.
Peer the new VPC with the web servers’ VPC in the prod-servers project.
Create an internal load balancer and the IDS system in both us-east1 and us-west1.
Enable Packet Mirroring, and create packet mirroring policies inside the new project.
B. Create a host project and a Sharad VPC for the security team.
Make prod-servers a service project, and relocate the web servers to shared subnets in both regions.
Enable IP forwarding on all the web servers.
Create the IDS system in a non-shared subnet of us-east1 or us-west1.
Configure the web servers to forward the packets to the IDS system.
C. Create a new project and a VPC for the security team.
Peer the new VPC with the web servers’ VPC in the prod-servers project.
Enable IP forwarding on all the web servers.
Install the IDS system in both us-east1 and us-west1.
Configure the web servers to forward the packets to the IDS system.
D. Create a host project and a Shared VPC for the security team.
Make prod-servers a service project, and relocate the web servers to shared subnets in both regions.
Create an internal load balancer and the IDS system in a subnet in either us-east1 or us-west1.
Enable Packet Mirroring, and create a packet mirroring policy inside the host project.
Answer
A