Answer-first summary for fast verification
Answer: Deploy the TLS certificate at Google Cloud Global HTTPs Load Balancer, and submit the user credentials through HTTPs.
The question requires implementing end-to-end encryption for user login credentials in an internet-facing application behind a load balancer. Option C is optimal because deploying a TLS certificate at the Google Cloud Global HTTPS Load Balancer and submitting credentials through HTTPS provides true end-to-end encryption. The load balancer terminates TLS but can re-encrypt traffic to backend services (SSL bridging), maintaining encryption throughout the transmission path. This approach is scalable, aligns with Google Cloud best practices for encryption in transit, and satisfies regulatory requirements. Option D (asymmetric encryption with Cloud KMS) provides encryption but is less scalable and practical for real-time credential transmission compared to TLS. Options A and B are unsuitable: A uses symmetric encryption without specifying secure key exchange, and B uses hashing without encryption, failing to provide confidentiality. The community discussion shows 78% support for C, with key insights noting that SSL bridging maintains end-to-end encryption while ensuring scalability.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your organization has an internet-facing application served by a load balancer. Regulatory compliance mandates end-to-end encryption for user login credentials. How should you implement this?
A
Generate a symmetric key with Cloud KMS. Encrypt client-side user credentials by using the symmetric key.
B
Concatenate the credential with a timestamp. Submit the timestamp and hashed value of credentials to the network.
C
Deploy the TLS certificate at Google Cloud Global HTTPs Load Balancer, and submit the user credentials through HTTPs.
D
Generate an asymmetric key with Cloud KMS. Encrypt client-side user credentials using the public key.
No comments yet.