Google Exam Professional-Cloud-Security-Engineer Topic 1 Question 86 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam

Question #: 86
Topic #: 1

[All Professional Cloud Security Engineer Questions]

Your application is deployed as a highly available cross-region solution behind a global external HTTP(S) load balancer. You notice significant spikes in traffic from multiple IP addresses but it is unknown whether the IPs are malicious. You are concerned about your application's availability. You want to limit traffic from these clients over a specified time interval.

What should you do?

AConfigure a rate_based_ban action by using Google Cloud Armor and set the ban_duration_sec parameter to the specified time interval.

BConfigure a deny action by using Google Cloud Armor to deny the clients that issued too many requests over the specified time interval.

CConfigure a throttle action by using Google Cloud Armor to limit the number of requests per client over a specified time interval.

DConfigure a firewall rule in your VPC to throttle traffic from the identified IP addresses.

Show Suggested Answer

Suggested Answer: C

by Elvis at Aug 29, 2024, 02:38 AM

Limited Time Offer

25%

Off

Get Premium Professional-Cloud-Security-Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Veronika

11 days ago

Aw man, I bet those traffic spikes are just my grandma trying to check her Facebook. She's got mad love for those cat videos, you know?

upvoted 0 times

...

Darell

13 days ago

I personally think option C is the way to go. Throttling the number of requests per client seems like a good approach to me.

upvoted 0 times

...

Alexia

14 days ago

I'm not sure about option A. I think option B might be a better choice to deny clients with too many requests.

upvoted 0 times

...

Georgeanna

14 days ago

Option D, really? Throttling at the firewall level? What is this, the Stone Age? Come on, Cloud Armor is where it's at, folks.

upvoted 0 times

...

Lonna

17 days ago

I agree with Polly. Option A seems like the most effective way to handle the situation.

upvoted 0 times

...

Thomasena

18 days ago

I'd go with Option A. Banning those IPs for a specific time interval is a solid security measure. Gotta keep those bad actors at bay!

upvoted 0 times

Malinda

5 days ago

Option A sounds like the best choice. Banning those IPs will definitely help protect our application.

upvoted 0 times

...

Emilio

20 days ago

Option C seems like the way to go - throttling is a smart way to limit those pesky client requests without outright denying them. Gotta keep that availability high, you know?

upvoted 0 times

Margery

13 hours ago

Yeah, throttling can help maintain a balance between allowing traffic and protecting the application from potential threats. It's a smart choice.

upvoted 0 times

...

Laura

7 days ago

Throttling definitely seems like a more balanced approach to manage the traffic and ensure the application's availability.

upvoted 0 times

...

Roslyn

9 days ago

I agree, throttling sounds like a good solution to handle the spikes in traffic without completely blocking the clients.

upvoted 0 times

...

Gracia

13 days ago

Option C seems like the way to go - throttling is a smart way to limit those pesky client requests without outright denying them. Gotta keep that availability high, you know?

upvoted 0 times

...

Polly

29 days ago

I think option A is the best choice. It allows us to set a ban duration and protect our application.

upvoted 0 times

...