Answer-first summary for fast verification
Answer: Cloud Identity-Aware Proxy
Cloud Identity-Aware Proxy (IAP) is the optimal solution because it provides a centralized authentication layer for applications hosted on GCP, enabling secure internet access to resources that were previously restricted to the corporate network. IAP integrates with Google Sign-in and supports two-factor authentication, meeting the requirement for enhanced security. It allows fine-grained access control based on user identity and context, without requiring VPN connectivity. While Cloud VPN (option D) could provide network-level access, it does not offer the application-level authentication layer with built-in 2FA support that IAP provides. Cloud Armor (B) is a DDoS protection and web application firewall service, not an authentication service. Cloud Endpoints (C) is an API management platform, not designed for providing authentication to web applications in this context.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A company needs to provide its mobile workforce with internet-based access to a CRM web interface hosted on GCP. The CRM is currently restricted to the corporate network. The solution must include an authentication layer that supports two-factor authentication.
Which GCP product should be used to meet these requirements?
A
Cloud Identity-Aware Proxy
B
Cloud Armor
C
Cloud Endpoints
D
Cloud VPN
No comments yet.