Practice Test 2 | Google Cloud Certified Professional Cloud Security Engineer | Dumps | Mock Test

Question 32

You are part of the security team of a global gaming firm. The company has built a new application to be deployed on GKE behind an HTTP(S) load balancer. The company wants the Load Balancer not to accept traffic from clients using out-of-date SSL features.

Which of the following Load Balancer policies will NOT meet the requirement?

A. The COMPATIBLE policy.
B. The MODERN policy.
C. The RESTRICTED policy.
D. The custom policy.

Answer

Correct Answer: A

Option A is CORRECT. The COMPATIBLE policy supports clients that use out-of-date SSL features like TLS_RSA_WITH_AES_128_GCM_SHA256.
Option B is incorrect. The MODERN policy does not support out-of-date features that use AES.
Option C is incorrect. The RESTRICTED policy does not support out-of-date features that use AES.
Option D is incorrect. The custom policy should be designed not to support out-of-date features that use AES.

Reference:

https://cloud.google.com/load-balancing/docs/ssl-policies-concepts

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55

PCSE

Practice Test 2 | Google Cloud Certified Professional Cloud Security Engineer | Dumps | Mock Test

Question 32

Answer

Ads Blocker Detected!!!