
Explanation:
IAP provides context-aware access control using Google identities, allowing access to internal apps without VPN. It authenticates before traffic reaches the app. NAT is for outbound, LB with firewalls doesn't handle identity, VPC SC is for perimeter.
Ultimate access to all questions.
You need to deploy an internal HR web app that only employees can reach, without a VPN, using their Google identities. What do you put in front of it?
A
Cloud NAT
B
Identity-Aware Proxy (IAP)
C
An external Application LB with firewall rules
D
VPC Service Controls
No comments yet.