Answer-first summary for fast verification
Answer: For all severity options (critical, high, medium, low and informational) in the security profile, change the default override action to Deny.
To effectively increase the security posture of the application by logging threats and dropping related packets, the best approach is to modify the security profile's default actions for all severity levels to Deny. This ensures that the Cloud NGFW not only logs the detected threats but also actively drops the malicious packets, providing a robust security measure. Option C directly addresses this need by allowing for the configuration of override actions for all severity levels within the security profile, making it the most appropriate choice. Options A, B, and D either do not fully leverage the capabilities of Cloud NGFW or introduce unnecessary complexity and potential security gaps.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
To enhance the security posture of your mission-critical application by logging threats and dropping related packets using Cloud Next Generation Firewall (Cloud NGFW), what steps should you take? The application is the sole workload running in the project, and a security profile with default threat signatures is already in place.
A
Configure a new default threat signature with Deny All to all severity options. Review the logs to understand the impact.
B
Set up a Linux VM as the frontend gateway for the application. Create iptables rules to drop all packets, excluding the application port.
C
For all severity options (critical, high, medium, low and informational) in the security profile, change the default override action to Deny.
D
Configure Cloud Scheduler to run a task that checks the Cloud NGFW logs to verify the threats. Configure the task to create a security profile with each signature ID set to override the default action.
No comments yet.