Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Security Engineer Exam - Topic 4 Question 72 Discussion

A customer implements Cloud Identity-Aware Proxy for their ERP system hosted on Compute Engine. Their security team wants to add a security layer so that the ERP systems only accept traffic from Cloud Identity- Aware Proxy.What should the customer do to meet these requirements?
D) Make sure that the ERP system can validate the user's unique identifier headers in the HTTP requests.
A) Make sure that the ERP system can validate the JWT assertion in the HTTP requests.
B) Make sure that the ERP system can validate the identity headers in the HTTP requests.
C) Make sure that the ERP system can validate the x-forwarded-for headers in the HTTP requests.

Google Professional Cloud Security Engineer Exam - Topic 4 Question 72 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 72
Topic #: 4
[All Professional Cloud Security Engineer Questions]

A customer implements Cloud Identity-Aware Proxy for their ERP system hosted on Compute Engine. Their security team wants to add a security layer so that the ERP systems only accept traffic from Cloud Identity- Aware Proxy.

What should the customer do to meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: D

Cloud Asset Inventory: Using Cloud Asset Inventory allows you to quickly identify all the external assets and resources in your Google Cloud environment. This includes information about your projects, instances, storage buckets, and more. This step is crucial for understanding the scope of your audit. Network Security Scanner: Once you have identified the external assets, you can run a network security scanner to assess the security of these assets. Network security scanners can help identify vulnerabilities and potential security risks quickly.


by Kiley at Feb 08, 2024, 02:14 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Georgene
6 months ago
D could work, but I’d stick with A for better security.
upvoted 0 times
...
Norah
6 months ago
Surprised this isn't more straightforward, why not just use A?
upvoted 0 times
...
Andra
7 months ago
C seems off, x-forwarded-for is for IPs, not security.
upvoted 0 times
...
Laine
7 months ago
I think B makes more sense for identity validation.
upvoted 0 times
...
Burma
7 months ago
Option A is the way to go! JWT validation is key.
upvoted 0 times
...
Meghan
7 months ago
I practiced a similar question before, and I think D could be a good option since unique identifiers help in tracking users.
upvoted 0 times
...
Millie
8 months ago
I feel like C could be relevant too, especially if we're considering the source of the requests, but I can't recall the specifics.
upvoted 0 times
...
Lavonda
8 months ago
I'm not entirely sure, but I remember something about validating identity headers being important for security. Maybe B is the right choice?
upvoted 0 times
...
Artie
8 months ago
I think the answer might be A, since validating the JWT assertion seems crucial for ensuring secure access.
upvoted 0 times
...
Lonna
8 months ago
This seems straightforward to me. The security team wants to add a security layer so that the ERP system only accepts traffic from the Cloud Identity-Aware Proxy. Option A, validating the JWT assertion, is the way to go here. That will ensure the traffic is coming from the authorized proxy.
upvoted 0 times
...
Carol
8 months ago
I'm a little confused by the options here. Do we need to validate the identity headers, the x-forwarded-for headers, or the user's unique identifier headers? I'm not sure which one is the right approach for this scenario.
upvoted 0 times
...
Tish
8 months ago
Okay, I've got this. The answer is clearly A - the ERP system needs to validate the JWT assertion in the HTTP requests coming from the Cloud Identity-Aware Proxy. That's the security layer the security team wants to add.
upvoted 0 times
...
Tayna
8 months ago
Hmm, I'm a bit unsure about this one. I know we need to secure the ERP system, but I'm not entirely sure which option is the best approach. I'll need to think this through carefully.
upvoted 0 times
...
Felicia
8 months ago
This looks like a straightforward question about securing an ERP system behind a Cloud Identity-Aware Proxy. I think the key is to ensure the ERP system can validate the identity information passed in the HTTP requests.
upvoted 0 times
...
Carmelina
8 months ago
Hmm, the elimination of internal controls is a key part of JIT systems, but I'm not sure which one is usually acceptable. I'll have to think this through carefully.
upvoted 0 times
...
Iluminada
8 months ago
Hmm, I'm a bit confused about the difference between the person who created the package being able to change/upgrade the installed components versus having no control over them. I'll have to think that one through carefully.
upvoted 0 times
...
Ciara
8 months ago
This is a good test of my understanding of risk management concepts. I'll need to review the definitions of the different risk types to make sure I select the right answer.
upvoted 0 times
...
Cathrine
1 year ago
Wait, which one validates the magic unicorn headers? That's the only answer that makes sense to me.
upvoted 0 times
Salina
11 months ago
D) Make sure that the ERP system can validate the user's unique identifier headers in the HTTP requests.
upvoted 0 times
...
Laquanda
12 months ago
C) Make sure that the ERP system can validate the x-forwarded-for headers in the HTTP requests.
upvoted 0 times
...
Floyd
12 months ago
B) Make sure that the ERP system can validate the identity headers in the HTTP requests.
upvoted 0 times
...
Gracie
1 year ago
A) Make sure that the ERP system can validate the JWT assertion in the HTTP requests.
upvoted 0 times
...
...
Evan
1 year ago
I bet option C is the correct answer. Validating the x-forwarded-for headers is the secret sauce to securing the ERP system. That's what all the cool kids are doing these days.
upvoted 0 times
Hobert
12 months ago
C: Yeah, I think A is the correct answer. It's important to validate the JWT assertion for added security.
upvoted 0 times
...
Ria
1 year ago
B: I agree with A. That's the best way to ensure that only traffic from Cloud Identity-Aware Proxy is accepted.
upvoted 0 times
...
Keneth
1 year ago
A: I think option A is the way to go. Validating the JWT assertion in the HTTP requests is crucial for security.
upvoted 0 times
...
...
Chauncey
1 year ago
Option D is the obvious choice. Validating the user's unique identifier headers is the most foolproof way to secure the ERP system. Who needs JWT or identity headers, am I right?
upvoted 0 times
Jennie
1 year ago
C: Yeah, validating the user's unique identifier headers is definitely the way to go to ensure security.
upvoted 0 times
...
Tawanna
1 year ago
B: I agree, that seems like the most secure option for the ERP system.
upvoted 0 times
...
Mertie
1 year ago
A: I think option D is the best choice. It's important to validate the user's unique identifier headers.
upvoted 0 times
...
...
Brinda
1 year ago
I'd go with option B. Validating the identity headers is a more direct approach to ensuring only authorized traffic reaches the ERP system.
upvoted 0 times
Reynalda
12 months ago
I'm leaning towards option B as well. It's important to validate the identity headers for added security.
upvoted 0 times
...
Martha
1 year ago
I think option A could also work, as long as the ERP system can validate the JWT assertion.
upvoted 0 times
...
Linette
1 year ago
I agree, option B seems like the most secure choice.
upvoted 0 times
...
...
Twana
1 year ago
Option A seems like the way to go. Validating the JWT assertion is critical for ensuring secure communication between the ERP system and the Cloud Identity-Aware Proxy.
upvoted 0 times
...
Earnestine
1 year ago
I'm not sure, but option A does sound like the most secure choice.
upvoted 0 times
...
Emerson
1 year ago
I agree with Noe, validating the JWT assertion is the best way to ensure traffic is coming from Cloud Identity-Aware Proxy.
upvoted 0 times
...
Noe
1 year ago
I think the customer should choose option A.
upvoted 0 times
...

Save Cancel