New Year Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Discussions
  3. Google
  4. Google Cloud Certified
  5. Professional-Cloud-Security-Engineer Discussions
  6. Professional-Cloud-Security-Engineer Exam Topic 2 Question 16 Discussion

Google Cloud Certified - Professional Cloud Security Engineer Professional-Cloud-Security-Engineer Question # 16 Topic 2 Discussion

 Google Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

Google Cloud Certified - Professional Cloud Security Engineer Professional-Cloud-Security-Engineer Question # 16 Topic 2 Discussion

Professional-Cloud-Security-Engineer Exam Topic 2 Question 16 Discussion:
Question #: 16
Topic #: 2

You are a member of your company's security team. You have been asked to reduce your Linux bastion host external attack surface by removing all public IP addresses. Site Reliability Engineers (SREs) require access to the bastion host from public locations so they can access the internal VPC while off-site. How should you enable this access?
A.

Implement Cloud VPN for the region where the bastion host lives.

B.

Implement OS Login with 2-step verification for the bastion host.

C.

Implement Identity-Aware Proxy TCP forwarding for the bastion host.

D.

Implement Google Cloud Armor in front of the bastion host.

Get Premium Professional-Cloud-Security-Engineer Questions
Actual exam question for Google Professional-Cloud-Security-Engineer exam by Hale28072 at Dec 30, 2025, 12:07:06 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next