
Answer-first summary for fast verification
Answer: Create a Cloud Armor Policy rule that denies traffic, enable preview mode, and review necessary logs.
The correct approach is to use Cloud Armor's preview mode to log potentially malicious traffic without blocking it, so the client IP can be verified before enforcement. Cloud Armor operates at the load balancer level and can capture the original client IP, unlike VPC Firewall rules, which would see the load balancer's IP as the source. Preview mode (Option B) logs traffic matching the rule while keeping enforcement disabled, minimizing disruption. Options C and D use VPC Firewall rules, which are unsuitable here because the load balancer sits in front of the instances. Option A immediately denies traffic, risking disruption to legitimate users if the IP is incorrect.
Author: LeetQuiz Editorial Team
Your company provides a popular gaming service with instances using private IP addresses, and external access is routed through a global load balancer. You suspect a potential malicious actor but are unsure of the correct client IP address. How can you identify this actor while minimizing impact on legitimate users?
A. Create a Cloud Armor Policy rule that denies traffic and review necessary logs.
B. Create a Cloud Armor Policy rule that denies traffic, enable preview mode, and review necessary logs.
C. Create a VPC Firewall rule that denies traffic, enable logging and set enforcement to disabled, and review necessary logs.
D. Create a VPC Firewall rule that denies traffic, enable logging and set enforcement to enabled, and review necessary logs.