Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Network Engineer Exam - Topic 3 Question 94 Discussion

Actual exam question for Google's Professional Cloud Network Engineer exam
Question #: 94
Topic #: 3
[All Professional Cloud Network Engineer Questions]

Your team is developing an application that will be used by consumers all over the world. Currently, the application sits behind a global external application load balancer You need to protect the application from potential application-level attacks. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: C

The correct answer is C because it meets the requirement of protecting the application from potential application-level attacks.Google Cloud Armor security policies are sets of rules that match on attributes from Layer 3 to Layer 7 to protect externally facing applications1.Web application firewall (WAF) rules are predefined rules that detect and mitigate common web attacks such as cross-site scripting (XSS), SQL injection, remote file inclusion, and more2. By applying a Google Cloud Armor security policy with WAF rules to the backend service, you can filter out malicious requests before they reach your application.

Option A is incorrect because Cloud CDN is a content delivery network that caches static content at the edge of Google's network, but it does not provide any protection against application-level attacks3.Option B is incorrect because firewall rules are applied at the VPC network level, not at the load balancer level4.Firewall rules also only match on Layer 3 and 4 attributes, not on Layer 7 attributes that are relevant for application-level attacks4. Option D is incorrect because VPC Service Controls perimeter is a feature that helps you secure your data from unauthorized access by users outside your organization, but it does not protect your application from external attacks.


Security policy overview | Google Cloud Armor

Web application firewall (WAF) rules | Google Cloud Armor

Cloud CDN overview | Google Cloud

Using firewall rules | VPC

[VPC Service Controls overview | Google Cloud]

by Dominque at Sep 15, 2024, 01:22 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Network Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Janey
6 months ago
C is the best option here, no doubt!
upvoted 0 times
...
Salome
6 months ago
D sounds interesting, but isn't it overkill for just app-level attacks?
upvoted 0 times
...
Lindy
6 months ago
Wait, does enabling Cloud CDN really help with security?
upvoted 0 times
...
Malcolm
7 months ago
I think B might be enough, but not as effective as C.
upvoted 0 times
...
Lorita
7 months ago
C is definitely the way to go for WAF protection.
upvoted 0 times
...
Helaine
7 months ago
I vaguely recall something about VPC Service Controls, but I don't think that's the main focus here. I feel like option D might not be the best answer for application-level protection.
upvoted 0 times
...
Matthew
7 months ago
I practiced a similar question where we had to choose between security policies and firewall rules. I think option C is definitely the best way to go for this scenario.
upvoted 0 times
...
Ashton
7 months ago
I'm not entirely sure, but I feel like creating firewall rules could help too. It seems like option B could be a valid approach, but I'm not confident.
upvoted 0 times
...
Avery
8 months ago
I remember we discussed the importance of using a web application firewall for protecting against application-level attacks. I think option C might be the right choice.
upvoted 0 times
...
Delmy
8 months ago
I'm pretty confident that option C is the way to go here. Applying a Google Cloud Armor security policy with web application firewall rules is a well-established way to protect against application-level attacks, especially for a global application like this. It's the most robust and scalable solution.
upvoted 0 times
...
Tamala
8 months ago
Option B seems a bit too manual and reactive to me. Creating firewall deny rules to block malicious users could work, but it might be a lot of ongoing maintenance. I think the Google Cloud Armor solution in option C is a more comprehensive and proactive approach.
upvoted 0 times
...
Dortha
8 months ago
Hmm, I'm a bit unsure about this one. I'm not super familiar with Google Cloud Armor, so I'll have to read up on that a bit more. But it does sound like the right approach to protect against application-level attacks.
upvoted 0 times
...
Pearlie
8 months ago
I think the key here is to protect the application from application-level attacks, so I'm leaning towards option C. Creating a Google Cloud Armor security policy with web application firewall rules seems like the best way to do that.
upvoted 0 times
...
Nana
8 months ago
Hmm, I'm not sure about this one. I know POP3 and SMTP are email protocols, but I can't remember which one provides remote filing capabilities.
upvoted 0 times
...
Noble
2 years ago
I'm not sure, option B also sounds like a good way to block malicious users.
upvoted 0 times
...
Shaniqua
2 years ago
I agree with Renay, option C seems like the best choice to protect the application.
upvoted 0 times
...
Renay
2 years ago
I think we should go with option C.
upvoted 0 times
...
Penney
2 years ago
I'm feeling a bit hungry just thinking about all these options. Maybe we should order some pizza and hash this out over a slice or two?
upvoted 0 times
Janessa
2 years ago
Let's order that pizza and celebrate making a good decision for our application security!
upvoted 0 times
...
Reta
2 years ago
I agree, that seems like the best way to protect the application from potential attacks.
upvoted 0 times
...
Jimmie
2 years ago
I think we should go with option C) Create a Google Cloud Armor security policy with web application firewall rules.
upvoted 0 times
...
Caprice
2 years ago
That sounds like a great idea! I could go for some pizza right now.
upvoted 0 times
...
...
Louvenia
2 years ago
Hold up, Option D with the VPC Service Controls sounds interesting too. Gotta keep those backend services locked down, you know?
upvoted 0 times
...
Fairy
2 years ago
Option C looks like the way to go. A web application firewall can really help protect against those pesky application-level attacks.
upvoted 0 times
Gracia
2 years ago
Definitely, a web application firewall can provide an extra layer of security for our global application.
upvoted 0 times
...
Cherelle
2 years ago
I agree, option C seems like the best choice to protect the application from application-level attacks.
upvoted 0 times
...
...

Save Cancel