Practice Test 3 | Google Cloud Certified Professional Cloud Network Engineer | Dumps | Mock Test

Question 3

As a network engineer on a GCP team. Your team manages an external facing App, deployed behind An HTTPS load balancer. You notice in the logs that certain traffic that has a deny rule configured in a Cloud Armor security policy is been allowed.

Which of the following could be the reason? Choose two.

A. The security policy was attached to the wrong backend or not attached at all.
B. The hierarchy of the rules has a higher priority rule that allows the traffic.
C. The ingress firewall rules allow the traffic
D. The Load balancer proxies the traffic.

Answer

Answer: A & B

Option A is correct, if the policy is not attached to a backend it cannot take it.

Option B is correct, the hierarchy of rules in a cloud armor policy is very important.

Option C is incorrect, this has no effect on the cloud armor policy

Option D is incorrect. This has no effect on the cloud armor policy applied to the backend.

https://cloud.google.com/armor/docs/troubleshooting highlights troubleshooting issues in Cloud Armor.

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50

PCNE

Practice Test 3 | Google Cloud Certified Professional Cloud Network Engineer | Dumps | Mock Test

Question 3

Answer

Ads Blocker Detected!!!