exam questions

Exam Professional Cloud Security Engineer All Questions

View all questions & answers for the Professional Cloud Security Engineer exam

Exam Professional Cloud Security Engineer topic 1 question 174 discussion

Actual exam question from Google's Professional Cloud Security Engineer
Question #: 174
Topic #: 1
[All Professional Cloud Security Engineer Questions]

You manage your organization's Security Operations Center (SOC). You currently monitor and detect network traffic anomalies in your VPCs based on network logs. However, you want to explore your environment using network payloads and headers. Which Google Cloud product should you use?

  • A. Cloud IDS
  • B. VPC Service Controls logs
  • C. VPC Flow Logs
  • D. Google Cloud Armor
  • E. Packet Mirroring
Show Suggested Answer Hide Answer
Suggested Answer: E 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
zellck
Highly Voted 2 years, 2 months ago
Selected Answer: E
E is the answer. https://cloud.google.com/vpc/docs/packet-mirroring Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it for examination. Packet Mirroring captures all traffic and packet data, including payloads and headers.
upvoted 9 times
...
kalyan_krishna742020
Highly Voted 2 years ago
It should be A.. Cloud IDS inspects not only the IP header of the packet, but also the payload. https://cloud.google.com/blog/products/identity-security/how-google-cloud-ids-helps-detect-advanced-network-threats
upvoted 7 times
...
Pime13
Most Recent 1 week, 4 days ago
Selected Answer: E
https://cloud.google.com/vpc/docs/packet-mirroring Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it for examination. Packet Mirroring captures all traffic and packet data, including payloads and headers. The capture can be configured for both egress and ingress traffic, only ingress traffic, or only egress traffic. The mirroring happens on the virtual machine (VM) instances, not on the network. Consequently, Packet Mirroring consumes additional bandwidth on the VMs. Packet Mirroring is useful when you need to monitor and analyze your security status. It exports all traffic, not only the traffic between sampling periods. For example, you can use security software that analyzes mirrored traffic to detect all threats or anomalies. Additionally, you can inspect the full traffic flow to detect application performance issues.
upvoted 1 times
...
MoAk
1 month ago
Answer previously would have been E however, I believe this now should be Answer A - Cloud IDS
upvoted 1 times
...
Bettoxicity
8 months, 3 weeks ago
Selected Answer: E
E. Packet Mirroring allows you to replicate network traffic flowing through your VPCs to a designated destination. This destination can be a dedicated instance or a network analysis tool. With full packet capture, you can inspect the contents of network payloads and headers, providing a deeper level of network traffic analysis compared to just flow logs.
upvoted 1 times
...
desertlotus1211
1 year, 3 months ago
Answer is A: It askes for 'Google Cloud Product'. Cloud IDS includes packet mirroring and built with Palo Alto threat detection. https://www.happtiq.com/cloud-ids/ After an endpoint has been specified, traffic from specific instances is cloned by setting up a packet mirroring policy. All the data from the traffic along with packet data, payloads, and headers is forwarded to Cloud IDS for examination.
upvoted 2 times
...
cyberpunk21
1 year, 4 months ago
Selected Answer: E
E is the answer
upvoted 1 times
desertlotus1211
1 year, 3 months ago
Answer is A: It askes for 'Google Cloud Product'. Cloud IDS includes packet mirroring and built with Palo Alto threat detection. https://www.happtiq.com/cloud-ids/ After an endpoint has been specified, traffic from specific instances is cloned by setting up a packet mirroring policy. All the data from the traffic along with packet data, payloads, and headers is forwarded to Cloud IDS for examination.
upvoted 1 times
...
...
gcpengineer
1 year, 7 months ago
Selected Answer: A
cloud IDS is based on packet mirroring and asked for product to analyse. so A is the ans
upvoted 3 times
...
AzureDP900
2 years, 1 month ago
E Packet Mirroring captures all traffic and packet data, including payloads and headers. The capture can be configured for both egress and ingress traffic, only ingress traffic, or only egress traffic.
upvoted 3 times
...
hello_gcp_devops
2 years, 1 month ago
Packet Mirroring clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it for examination. Packet Mirroring captures all traffic and packet data, including payloads and headers. The capture can be configured for both egress and ingress traffic, only ingress traffic, or only egress traffic.
upvoted 1 times
hello_gcp_devops
2 years, 1 month ago
E is the answer
upvoted 2 times
...
...
Random_Mane
2 years, 3 months ago
Selected Answer: E
https://cloud.google.com/vpc/docs/packet-mirroring
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago