To enhance the security posture of your mission-critical application by logging threats and dropping related packets using Cloud Next Generation Firewall (Cloud NGFW), what steps should you take? The application is the sole workload running in the project, and a security profile with default threat signatures is already in place.

Exam-Like

Configure a new default threat signature with Deny All to all severity options. Review the logs to understand the impact.

33.3%

Set up a Linux VM as the frontend gateway for the application. Create iptables rules to drop all packets, excluding the application port.

0.0%

For all severity options (critical, high, medium, low and informational) in the security profile, change the default override action to Deny.

50.0%

Configure Cloud Scheduler to run a task that checks the Cloud NGFW logs to verify the threats. Configure the task to create a security profile with each signature ID set to override the default action.

16.7%

Google Professional Cloud Network Engineer

Get started today

Comments