Answer-first summary for fast verification
Answer: Packet Mirroring
The question requires inspecting both network flows and their payloads (full packet data including headers and content). Packet Mirroring (D) is the correct choice because it clones all traffic from specified VPC instances, capturing complete packet data including payloads and headers, which enables deep packet inspection for security investigations. VPC Flow Logs (B) only provide metadata about network flows (source/destination, ports, protocol) without payload content. VPC Service Controls logs (C) focus on service perimeter violations, not packet payload inspection. Google Cloud Armor Deep Packet Inspection (E) is for web application protection at the edge, not general VPC traffic inspection. Marketplace IDS (A) is a third-party solution, not a native Google Cloud product for this specific payload inspection capability.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You manage your organization's Security Operations Center (SOC). You currently monitor for network traffic anomalies in your Google Cloud VPCs using packet header information. You now need the ability to inspect network flows and their payloads to assist with investigations. Which Google Cloud product should you use?
A
Marketplace IDS
B
VPC Flow Logs
C
VPC Service Controls logs
D
Packet Mirroring
E
Google Cloud Armor Deep Packet Inspection
No comments yet.