Question 9
Your manager wants to restrict communication of all virtual machines with internet access; with resources in another network; or with a resource outside Compute Engine. It is expected that different teams will create new folders and projects in the near future.
How would you restrict all virtual machines from having an external IP address?
Define an organization policy at the root organization node to restrict virtual machine instances from having an external IP address
Define an organization policy on all existing folders to define a constraint to restrict virtual machine instances from having an external IP address
Define an organization policy on all existing projects to restrict virtual machine instances from having an external IP address
Communicate with the different teams and agree that each time a virtual machine is created, it must be configured without an external IP address
Correct answer: A
Explanation:
https://cloud.google.com/resource-manager/docs/organization-policy/overview
https://cloud.google.com/resource-manager/docs/organization-policy/overview