Google Professional Cloud Security Engineer

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: Configure a throttle action by using Google Cloud Armor to limit the number of requests per client over a specified time interval.

Option A is the correct choice because it uses Google Cloud Armor's throttle action to limit the number of requests per client over a specified time interval, which aligns with the requirement to limit traffic without completely blocking potentially legitimate clients. This approach maintains application availability while controlling traffic spikes. Option B (rate_based_ban) and Option D (deny action) are less suitable as they would ban or deny clients outright, which is inappropriate when the intent of the IP addresses is unknown and could block legitimate traffic. Option C (VPC firewall rule) is not ideal because it lacks the granular, per-client rate-limiting capability and would affect all traffic from the specified IPs without time-based controls, potentially disrupting legitimate users. The community discussion strongly supports Option A, with 100% consensus and upvoted comments emphasizing that throttling is preferred over banning when client intent is uncertain.

Author: LeetQuiz Editorial Team

Quick Answer

Answer-first summary for fast verification

Answer: Configure a throttle action by using Google Cloud Armor to limit the number of requests per client over a specified time interval.

Author: LeetQuiz Editorial Team

Comments (0)

No comments yet.

You have a highly available, cross-region application behind a global external HTTP(S) load balancer. You observe significant traffic spikes from multiple IP addresses of unknown intent and are concerned about application availability. You need to limit the traffic from these clients within a specified time interval.

What should you do?

Exam-Like