ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Security Engineer All Questions

View all questions & answers for the Professional Cloud Security Engineer exam
Go to Exam

Exam Professional Cloud Security Engineer topic 1 question 50 discussion

Actual exam question from Google's Professional Cloud Security Engineer
Question #: 50
Topic #: 1
[All Professional Cloud Security Engineer Questions]

Your company has deployed an application on Compute Engine. The application is accessible by clients on port 587. You need to balance the load between the different instances running the application. The connection should be secured using TLS, and terminated by the Load Balancer.
What type of Load Balancing should you use?

  • A. Network Load Balancing
  • B. HTTP(S) Load Balancing
  • C. TCP Proxy Load Balancing
  • D. SSL Proxy Load Balancing
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by smart123 at July 11, 2020, 1:53 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
smart123
Highly Voted 3 years, 11 months ago
Although both TCP Proxy LB and SSL Proxy LB support port 587 but only SSL Proxy LB support TLS. Hence 'D' is the right answer.
upvoted 19 times
...
umashankar_a
Highly Voted 2 years, 11 months ago
Answer D https://cloud.google.com/load-balancing/docs/ssl - SSL Proxy Load Balancing is a reverse proxy load balancer that distributes SSL traffic coming from the internet to virtual machine (VM) instances in your Google Cloud VPC network. When using SSL Proxy Load Balancing for your SSL traffic, user SSL (TLS) connections are terminated at the load balancing layer, and then proxied to the closest available backend instances by using either SSL (recommended) or TCP.
upvoted 6 times
...
[Removed]
Most Recent 11 months ago
Selected Answer: D
"D" Although port 587 is SMTP (mail) which is an Application Layer protocol, and one might think an Application Layer (HTTPs) Load balancer is needed, according to Google docs, Application Layer LBs offload TLS at GFE which may or may not be the LB. Only the Network Proxy LB confirms TLS offloading at LB layer. Also, as a general rule, they recommend Network Proxy LB for TLS Offloading: "..As a general rule, you'd choose an Application Load Balancer when you need a flexible feature set for your applications with HTTP(S) traffic. You'd choose a proxy Network Load Balancer to implement TLS offload.." References: https://cloud.google.com/load-balancing/docs/choosing-load-balancer#flow_chart https://cloud.google.com/load-balancing/docs/https#control-tls-termination
upvoted 2 times
...
Ishu_awsguy
1 year ago
We can use an HTTPS load balancer and change the backend services port to 587 .| HTTPS load balacer will also work
upvoted 2 times
Ishu_awsguy
1 year ago
accessible by client on port 587 is the power word. Agree with D
upvoted 1 times
...
...
AwesomeGCP
1 year, 8 months ago
Selected Answer: D
Answer D. SSL Proxy Load Balancing https://cloud.google.com/load-balancing/docs/ssl
upvoted 1 times
...
dtmtor
3 years, 2 months ago
Answer: D
upvoted 1 times
...
DebasishLowes
3 years, 3 months ago
Ans : D
upvoted 1 times
...
[Removed]
3 years, 7 months ago
Ans - D
upvoted 1 times
...
CHECK666
3 years, 8 months ago
D is the answer. SSL Proxy LoadBalancer supports TLS.
upvoted 2 times
...
mlyu
3 years, 9 months ago
Agreed with smart123. Ans is D https://cloud.google.com/load-balancing/docs/choosing-load-balancer#flow_chart
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel