ExpertMinds LogoExpertMinds
Medium1 markMultiple Choice
Domain 3: Designing for Security and ComplianceSecurityCloud ArmorWAF

GCP PCA · Question 45 · Domain 3: Designing for Security and Compliance

You are configuring Cloud Armor to protect a web application. Which TWO types of rules can you implement? (Select TWO)

Answer options:

A.

IP allowlist/denylist rules.

B.

Preconfigured WAF rules for SQL injection and Cross-Site Scripting (XSS).

C.

IAM identity-based access rules.

D.

VPC Peering routing rules.

E.

Data Loss Prevention (DLP) redaction rules.

How to approach this question

Identify Cloud Armor capabilities.

Full Answer

IP allowlist/denylist rules. Preconfigured WAF rules for SQL injection and Cross-Site Scripting (XSS).
Cloud Armor operates at the edge, providing IP-based access control and Layer 7 Web Application Firewall (WAF) rules to protect against common attacks like SQLi and XSS.

Common mistakes

Confusing Cloud Armor with IAP (identity) or DLP (data redaction).
44All questions46

Practice the full GCP Professional Cloud Architect Practice Exam 2

50 questions · hints · full answers · grading

Sign up freeTake the exam

More questions from this exam

Q01CASE STUDY: TechStream Gaming. 500 emp, $100M rev. On-prem US/EU, 200 servers, MySQL 5TB. 2M peak...MediumQ02CASE STUDY: TechStream Gaming. 500 emp, $100M rev. On-prem US/EU, 200 servers, MySQL 5TB. 2M peak...MediumQ03CASE STUDY: TechStream Gaming. 500 emp, $100M rev. On-prem US/EU, 200 servers, MySQL 5TB. 2M peak...HardQ04CASE STUDY: TechStream Gaming. 500 emp, $100M rev. On-prem US/EU, 200 servers, MySQL 5TB. 2M peak...MediumQ05CASE STUDY: TechStream Gaming. 500 emp, $100M rev. On-prem US/EU, 200 servers, MySQL 5TB. 2M peak...Easy
View all 50 questions →