Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Exam Professional Cloud Network Engineer Topic 3 Question 94 Discussion

Actual exam question for Google's Professional Cloud Network Engineer exam
Question #: 94
Topic #: 3
[All Professional Cloud Network Engineer Questions]

Your team is developing an application that will be used by consumers all over the world. Currently, the application sits behind a global external application load balancer You need to protect the application from potential application-level attacks. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: C

The correct answer is C because it meets the requirement of protecting the application from potential application-level attacks.Google Cloud Armor security policies are sets of rules that match on attributes from Layer 3 to Layer 7 to protect externally facing applications1.Web application firewall (WAF) rules are predefined rules that detect and mitigate common web attacks such as cross-site scripting (XSS), SQL injection, remote file inclusion, and more2. By applying a Google Cloud Armor security policy with WAF rules to the backend service, you can filter out malicious requests before they reach your application.

Option A is incorrect because Cloud CDN is a content delivery network that caches static content at the edge of Google's network, but it does not provide any protection against application-level attacks3.Option B is incorrect because firewall rules are applied at the VPC network level, not at the load balancer level4.Firewall rules also only match on Layer 3 and 4 attributes, not on Layer 7 attributes that are relevant for application-level attacks4. Option D is incorrect because VPC Service Controls perimeter is a feature that helps you secure your data from unauthorized access by users outside your organization, but it does not protect your application from external attacks.


Security policy overview | Google Cloud Armor

Web application firewall (WAF) rules | Google Cloud Armor

Cloud CDN overview | Google Cloud

Using firewall rules | VPC

[VPC Service Controls overview | Google Cloud]

by Dominque at Sep 15, 2024, 01:22 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Network Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Noble
3 months ago
I'm not sure, option B also sounds like a good way to block malicious users.
upvoted 0 times
...
Shaniqua
3 months ago
I agree with Renay, option C seems like the best choice to protect the application.
upvoted 0 times
...
Renay
3 months ago
I think we should go with option C.
upvoted 0 times
...
Penney
3 months ago
I'm feeling a bit hungry just thinking about all these options. Maybe we should order some pizza and hash this out over a slice or two?
upvoted 0 times
Janessa
2 months ago
Let's order that pizza and celebrate making a good decision for our application security!
upvoted 0 times
...
Reta
2 months ago
I agree, that seems like the best way to protect the application from potential attacks.
upvoted 0 times
...
Jimmie
2 months ago
I think we should go with option C) Create a Google Cloud Armor security policy with web application firewall rules.
upvoted 0 times
...
Caprice
2 months ago
That sounds like a great idea! I could go for some pizza right now.
upvoted 0 times
...
...
Louvenia
3 months ago
Hold up, Option D with the VPC Service Controls sounds interesting too. Gotta keep those backend services locked down, you know?
upvoted 0 times
...
Fairy
3 months ago
Option C looks like the way to go. A web application firewall can really help protect against those pesky application-level attacks.
upvoted 0 times
Gracia
3 months ago
Definitely, a web application firewall can provide an extra layer of security for our global application.
upvoted 0 times
...
Cherelle
3 months ago
I agree, option C seems like the best choice to protect the application from application-level attacks.
upvoted 0 times
...
...

Save Cancel