Practice Test 2 | Google Cloud Certified Professional Cloud Security Engineer | Dumps | Mock Test

Question 2

Your company has deployed a web-facing application on a Compute Engine behind a Load Balancer, and Cloud DNS is configured to forward traffic to the Load balancer. You have been asked to prevent attackers from manipulating responses to DNS requests for the application.

Which of the following will help you meet this requirement?

A. Configure Cloud Armor to reject traffic from certain IPs.
B. Enable and configure DNSSEC.
C. Enable and configure Cloud CDN.
D. Use an SSL load balancer.

Answer

Answer: B

Option A is incorrect. Cloud Armor protects from DDoS attacks and application threats such as XSS.
Option B is CORRECT. DNSSEC is used to authenticate responses to domain name looks, thereby preventing attackers from poisoning or manipulating responses.
Option C is incorrect. Cloud CDN is used to cache data closer to the user.
Option D is incorrect. SSL Load balancer does not prevent attackers from manipulating DNS results.

Reference:

https://cloud.google.com/dns/docs/dnssec

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55

PCSE

Practice Test 2 | Google Cloud Certified Professional Cloud Security Engineer | Dumps | Mock Test

Question 2

Answer

Ads Blocker Detected!!!