Answer-first summary for fast verification
Answer: Configure a hierarchical firewall policy. Enable TLS interception by using Cloud Next Generation Firewall (NGFW) Enterprise.
Option C is correct because it utilizes Cloud Next Generation Firewall (NGFW) Enterprise with TLS inspection capabilities, which is specifically designed for decrypting and inspecting encrypted traffic for threats like malware. The hierarchical firewall policy ensures consistent security enforcement across the organization. Option A (Secure Web Proxy) is incorrect as it's primarily for outbound traffic filtering, not incoming traffic protection. Option B (internal proxy load balancer) is unsuitable as load balancers in Google Cloud don't provide deep TLS inspection for security purposes. Option D (VPC firewall rule) is incorrect because TLS inspection requires the advanced capabilities of NGFW Enterprise with hierarchical policies, not basic VPC firewall rules. The community discussion shows strong consensus for C with detailed reasoning about NGFW's TLS inspection capabilities being the appropriate solution for incoming traffic protection.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
You are deploying a new web application on Google Cloud that will be accessed from your on-premises network. To protect against threats such as malware, you need to implement Transport Layer Security (TLS) interception for the incoming traffic destined for your application. What should you do?
A
Configure Secure Web Proxy. Offload the TLS traffic in the load balancer, inspect the traffic, and forward the traffic to the web application.
B
Configure an internal proxy load balancer. Offload the TLS traffic in the load balancer inspect, the traffic and forward the traffic to the web application.
C
Configure a hierarchical firewall policy. Enable TLS interception by using Cloud Next Generation Firewall (NGFW) Enterprise.
D
Configure a VPC firewall rule. Enable TLS interception by using Cloud Next Generation Firewall (NGFW) Enterprise.