1. Home
  2. Discussions
  3. Google
  4. Google Cloud Platform
  5. Professional-Cloud-Network-Engineer Discussions
  6. Professional-Cloud-Network-Engineer Exam Topic 2 Question 16 Discussion

Google Cloud Certified - Professional Cloud Network Engineer Professional-Cloud-Network-Engineer Question # 16 Topic 2 Discussion

 Google Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Google Cloud Certified - Professional Cloud Network Engineer Professional-Cloud-Network-Engineer Question # 16 Topic 2 Discussion

Professional-Cloud-Network-Engineer Exam Topic 2 Question 16 Discussion:
Question #: 16
Topic #: 2

You are migrating a three-tier application architecture from on-premises to Google Cloud. As a first step in the migration, you want to create a new Virtual Private Cloud (VPC) with an external HTTP(S) load balancer. This load balancer will forward traffic back to the on-premises compute resources that run the presentation tier. You need to stop malicious traffic from entering your VPC and consuming resources at the edge, so you must configure this policy to filter IP addresses and stop cross-site scripting (XSS) attacks. What should you do?
A.

Create a Google Cloud Armor policy, and apply it to a backend service that uses an unmanaged instance group backend.

B.

Create a hierarchical firewall ruleset, and apply it to the VPC's parent organization resource node.

C.

Create a Google Cloud Armor policy, and apply it to a backend service that uses an internet network endpoint group (NEG) backend.

D.

Create a VPC firewall ruleset, and apply it to all instances in unmanaged instance groups.

Get Premium Professional-Cloud-Network-Engineer Questions
Actual exam question for Google Professional-Cloud-Network-Engineer exam by Blaise17 at Aug 3, 2025, 12:00:00 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next