ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Network Engineer All Questions

View all questions & answers for the Professional Cloud Network Engineer exam
Go to Exam

Exam Professional Cloud Network Engineer topic 1 question 110 discussion

Actual exam question from Google's Professional Cloud Network Engineer
Question #: 110
Topic #: 1
[All Professional Cloud Network Engineer Questions]

You are designing a new global application using Compute Engine instances that will be exposed by a global HTTP(S) load balancer. You need to secure your application from distributed denial-of-service and application layer (layer 7) attacks. What should you do?

  • A. Configure VPC Service Controls and create a secure perimeter. Define fine-grained perimeter controls and enforce that security posture across your Google Cloud services and projects.
  • B. Configure a Google Cloud Armor security policy in your project, and attach it to the backend service to secure the application.
  • C. Configure VPC firewall rules to protect the Compute Engine instances against distributed denial-of-service attacks.
  • D. Configure hierarchical firewall rules for the global HTTP(S) load balancer public IP address at the organization level.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by AzureDP900 at Dec. 1, 2022, 2:11 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ananta93
11 months, 2 weeks ago
Selected Answer: B
The Answer is B. Google Cloud Armor help detect and block Layer 7 DDoS attacks.
upvoted 1 times
...
Komal697
1 year, 4 months ago
Selected Answer: B
Google Cloud Armor is the recommended solution to protect against distributed denial-of-service and application layer (layer 7) attacks in a global application that is exposed by a global HTTP(S) load balancer. Google Cloud Armor allows you to create security policies that define rules to block traffic based on IP addresses, geo-location, user-agent, and other characteristics. These policies can be applied to specific backend services, such as Compute Engine instances, to protect them from attacks. VPC Service Controls (A) and VPC firewall rules (C) are also important for securing your application, but they are not specific to DDoS and layer 7 attacks. Hierarchical firewall rules (D) are not relevant for protecting against DDoS and layer 7 attacks.
upvoted 1 times
...
pk349
1 year, 6 months ago
• B. Configure a Google Cloud Armor security policy in your project, and attach it to the backend service ***** to secure the application.
upvoted 1 times
...
ccieman2016
1 year, 8 months ago
Selected Answer: B
100% sure for B, Cloud Armor is security service to DDoS GCP.
upvoted 3 times
...
nosense
1 year, 8 months ago
seems like b https://cloud.google.com/armor security policies to help protect your load-balanced applications from distributed denial of service (DDoS) and other web-based attacks
upvoted 2 times
...
playpacman
1 year, 8 months ago
B as Cloud Armor protects against DDoS
upvoted 2 times
...
AzureDP900
1 year, 8 months ago
B. Configure a Google Cloud Armor security policy in your project, and attach it to the backend service to secure the application. https://cloud.google.com/armor https://youtu.be/Ti-ln36t__I
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel