Google Professional Cloud Network Engineer
Get started today
Ultimate access to all questions.
Your company utilizes third-party cloud WAF provider services, which proxy all HTTPS connections from internet clients, apply security policies, and then establish new HTTPS connections to your Google Cloud global Application Load Balancer's public IP address. The backend for this load balancer consists of your Google Cloud workloads. Currently, Cloud Armor is not enabled. You need to implement a Cloud Armor security policy that blocks sessions originating from internet clients with source IP addresses within the IP_RANGE_BLOCK range. The blocking must be performed by the Cloud Armor security policy, not the third-party WAF provider. What should you do?
Your company utilizes third-party cloud WAF provider services, which proxy all HTTPS connections from internet clients, apply security policies, and then establish new HTTPS connections to your Google Cloud global Application Load Balancer's public IP address. The backend for this load balancer consists of your Google Cloud workloads. Currently, Cloud Armor is not enabled. You need to implement a Cloud Armor security policy that blocks sessions originating from internet clients with source IP addresses within the IP_RANGE_BLOCK range. The blocking must be performed by the Cloud Armor security policy, not the third-party WAF provider. What should you do?
Exam-Like