Exam Professional Cloud Security Engineer topic 1 question 189 discussion

To limit traffic from the identified IP addresses over a specified time interval, you should configure a throttle action by using Google Cloud Armor. This will limit the number of requests per client over a specified time interval, which can help prevent your application from being overwhelmed by traffic spikes. Option B is not recommended because it would ban the clients that issue too many requests over the specified time interval, which might not be desirable if the clients are legitimate. Option C is not recommended because it would throttle traffic from all IP addresses that match the firewall rule, which might not be desirable if some of the IP addresses are legitimate. Option D is not recommended because it would deny the clients that issue too many requests over the specified time interval, which might not be desirable if the clients are legitimate. Therefore, Option A is the most appropriate choice for limiting traffic from multiple IP addresses over a specified time interval.

When dealing with potential DDoS attacks or unexpected spikes in traffic, it's essential to handle the situation carefully to maintain the availability of your application. Here are the options you have: A. Configure a throttle action by using Google Cloud Armor: Google Cloud Armor allows you to define security policies that can throttle clients based on the number of incoming requests over a certain time period. This ensures that legitimate users are not completely blocked while also preventing any one client from overloading the system.

All can be done but option A is correct cuz a sentence "number of requests per client."

A you want to limit, not ban traffic https://cloud.google.com/armor/docs/rate-limiting-overview#throttle-traffic

A https://cloud.google.com/blog/products/identity-security/announcing-new-cloud-armor-rate-limiting-adaptive-protection-and-bot-defense