New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Network Engineer Exam - Topic 2 Question 24 Discussion

Actual exam question for Google's Professional Cloud Network Engineer exam
Question #: 24
Topic #: 2
[All Professional Cloud Network Engineer Questions]

You want to apply a new Cloud Armor policy to an application that is deployed in Google Kubernetes Engine (GKE). You want to find out which target to use for your Cloud Armor policy.

Which GKE resource should you use?

Show Suggested Answer Hide Answer
Suggested Answer: D

Cloud Armour is applied at load balancers Configuring Google Cloud Armor through Ingress. https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features Security policy features Google Cloud Armor security policies have the following core features: You can optionally use the QUIC protocol with load balancers that use Google Cloud Armor. You can use Google Cloud Armor with external HTTP(S) load balancers that are in either Premium Tier or Standard Tier. You can use security policies with GKE and the default Ingress controller.


by Ashlyn at May 07, 2022, 09:32 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Network Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Barrie
4 months ago
Nope, it's definitely Ingress!
upvoted 0 times
...
Genevive
4 months ago
GKE Cluster seems like a better option, no?
upvoted 0 times
...
Catherin
4 months ago
Wait, can you really use Ingress for that?
upvoted 0 times
...
Samira
4 months ago
Totally agree, Ingress is the way to go!
upvoted 0 times
...
Kate
5 months ago
GKE Ingress is the right target for Cloud Armor.
upvoted 0 times
...
Clorinda
5 months ago
I’m pretty certain it’s the GKE Ingress, but I should double-check if there are any exceptions or specific configurations needed.
upvoted 0 times
...
Carin
5 months ago
I'm a bit confused; could it be the GKE Node instead? I feel like I read something about nodes being involved in security policies.
upvoted 0 times
...
Josephine
5 months ago
I remember practicing a question about GKE resources, and I think the Ingress was mentioned as the right target for Cloud Armor.
upvoted 0 times
...
Carma
5 months ago
I think we need to apply the policy to the GKE Ingress, but I'm not entirely sure if that's the only option.
upvoted 0 times
...
Ceola
5 months ago
Okay, the key here is to focus on the specific recommendations for Exadata. The options mention things like dedicated backup network, tape drives, and the Recovery Appliance, so I'll need to evaluate those in the context of Exadata best practices.
upvoted 0 times
...
Ernestine
5 months ago
I feel pretty confident about this. Based on my understanding, the answer is Item, since that's the only one that's not a parent table in the GRC Entities application.
upvoted 0 times
...
Alexis
5 months ago
It feels like service statelessness is impacted by the legacy resources too, but wasn't there something about it being more about how services hold data?
upvoted 0 times
...
Danica
5 months ago
I feel pretty confident that the answer is C. A P-iris lens is a type of DC-iris that uses feedback to automatically adjust the aperture based on lighting conditions. The other options don't seem to fit the description as well.
upvoted 0 times
...
Elke
5 months ago
Hmm, this is a tricky one. I'll need to think carefully about the different DITSCAP phases and when the SSAA is developed.
upvoted 0 times
...

Save Cancel