Answer-first summary for fast verification
Answer: Defending against XSS and SQLi attacks
In Google Cloud's shared responsibility model for PaaS offerings like App Engine, the customer is primarily responsible for application-layer security. This includes defending against web application vulnerabilities such as Cross-Site Scripting (XSS) and SQL Injection (SQLi), as these require secure coding practices and input validation implemented by the customer. Google manages the underlying infrastructure, including VPC Flow Logs (A), Guest OS updates (C), and data encryption at rest (D), which are handled automatically by Google Cloud. The community discussion strongly supports option B with 95% consensus, citing Google's shared responsibility documentation that places application security responsibilities on the customer in PaaS models.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
An organization's security and risk management teams are concerned about delineating responsibility between themselves and Google for production workloads running on Google Cloud. They primarily use Platform-as-a-Service (PaaS) offerings, with a main focus on App Engine.
Which area of the technology stack is their primary responsibility when using App Engine?
A
Configuring and monitoring VPC Flow Logs
B
Defending against XSS and SQLi attacks
C
Managing the latest updates and security patches for the Guest OS
D
Encrypting all stored data
No comments yet.