Practice Test 2 | Google Cloud Certified Professional Cloud Security Engineer | Dumps | Mock Test
Your company has an application running on Compute Engine behind an HTTP(S) Load balancer. You have been asked to configure Cloud Armor to deny traffic from the IP address 10.0.0.150.
Which of the following does not help meet the requirement?
A. Create a Cloud Armor Security policy.
B. Specify a Priority less than 2,147,483,647.
C. Add a rule to the policy to deny access to the IP Address 10.0.0.150/24.
D. Attach the policy to the backend service of the HTTP(S) Load Balancer.
Correct Answer: C
- Option A is incorrect. This is the first step in creating Cloud Armor policies.
- Option B is incorrect. A Priority must be specified. It will be used in the order in which rules are evaluated and applied to traffic.
- Option C is CORRECT. This option denies traffic from a CIDR range of addresses, not a single IP address as specified.
- Option D is incorrect. It must be attached to a back-end service for a policy to take effect.
Reference:
Comments are closed, but trackbacks and pingbacks are open.