ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Security Engineer All Questions

View all questions & answers for the Professional Cloud Security Engineer exam
Go to Exam

Exam Professional Cloud Security Engineer topic 1 question 303 discussion

Actual exam question from Google's Professional Cloud Security Engineer
Question #: 303
Topic #: 1
[All Professional Cloud Security Engineer Questions]

There is a threat actor that is targeting organizations like yours. Attacks are always initiated from a known IP address range. You want to deny-list those IPs for your website, which is exposed to the internet through an Application Load Balancer. What should you do?

  • A. Create a Cloud Armor policy with a deny-rule for the known IP address range. Attach the policy to the backend of the Application Load Balancer.
  • B. Activate Identity-Aware Proxy for the backend of the Application Load Balancer. Create a firewall rule that only allows traffic from the proxy to the application.
  • C. Create a log sink with a filter containing the known IP address range. Trigger an alert that detects when the Application Load Balancer is accessed from those IPs.
  • D. Create a Cloud Firewall policy with a deny-rule for the known IP address range. Associate the firewall policy to the Virtual Private Cloud with the application backend.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by abdelrahman89 at Oct. 4, 2024, 10:04 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
json4u
6 months, 2 weeks ago
Selected Answer: A
It's A.
upvoted 1 times
...
abdelrahman89
6 months, 3 weeks ago
A - Cloud Armor: Cloud Armor is a web application firewall (WAF) that provides DDoS protection and advanced security features. Creating a deny-rule for the known IP address range will effectively block traffic from those IPs, preventing them from reaching your website. Application Load Balancer Integration: Attaching the Cloud Armor policy to the backend of the Application Load Balancer ensures that the policy is applied to all traffic entering your website, regardless of the specific backend instance.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago