Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Security Engineer All Questions

View all questions & answers for the Professional Cloud Security Engineer exam
Go to Exam

Exam Professional Cloud Security Engineer topic 1 question 292 discussion

Actual exam question from Google's Professional Cloud Security Engineer
Question #: 292
Topic #: 1
[All Professional Cloud Security Engineer Questions]

You are implementing a new web application on Google Cloud that will be accessed from your on-premises network. To provide protection from threats like malware, you must implement transport layer security (TLS) interception for incoming traffic to your application. What should you do?

  • A. Configure Secure Web Proxy. Offload the TLS traffic in the load balancer, inspect the traffic, and forward the traffic to the web application.
  • B. Configure an internal proxy load balancer. Offload the TLS traffic in the load balancer inspect, the traffic and forward the traffic to the web application.
  • C. Configure a hierarchical firewall policy. Enable TLS interception by using Cloud Next Generation Firewall (NGFW) Enterprise.
  • D. Configure a VPC firewall rule. Enable TLS interception by using Cloud Next Generation Firewall (NGFW) Enterprise.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by yokoyan at Sept. 6, 2024, 1:54 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
KLei
4 days, 10 hours ago
Selected Answer: A
Secure Web Proxy: This setup allows you to intercept and inspect TLS traffic securely. By configuring a Secure Web Proxy, you can manage incoming traffic more effectively and implement security measures against threats. TLS Offloading at the Load Balancer: By offloading TLS traffic at the load balancer, you can decrypt and inspect the traffic before forwarding it to your web application.
upvoted 1 times
KLei
4 days, 10 hours ago
Sorry, seems D is better as secure web proxy is for outgoing traffic while next gen firewall is for both incoming and outgoing traffic.
upvoted 1 times
...
...
junb
1 month ago
C is Correct
upvoted 1 times
...
BB_norway
2 months ago
Selected Answer: D
With the Enterprise tier we can intercept TLS traffic
upvoted 3 times
json4u
1 month ago
Ofcourse it's D. Secure Web Proxy primarily handles outbound (egress) web traffic. Next Generation Firewall (NGFW) Enterprise supports TLS interception also, and it's a better fit for this scenario involving traffic protection for a web application accessed from an on-premises network.
upvoted 2 times
...
...
ABotha
2 months, 2 weeks ago
B is correct. Secure Web Proxy is typically used for external traffic, not internal traffic from an on-premises network.
upvoted 2 times
Pach1211
2 months ago
An internal proxy load balancer is designed for load balancing within the Google Cloud environment and is not suitable for intercepting and inspecting TLS traffic from external sources, such as traffic coming from an on-premises network to a web application hosted on Google Cloud.
upvoted 1 times
...
...
yokoyan
2 months, 2 weeks ago
Selected Answer: A
I think it's A.
upvoted 2 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel