nerdexam
Google

CLOUD-DIGITAL-LEADER · Question #154

What load balancer type is supported with Cloud Armor security policies?

The correct answer is D. HTTP(S) Only. Google Cloud Armor security policies are attached to backend services and are supported by external HTTP(S) Load Balancers (now called Global External Application Load Balancers). Cloud Armor provides WAF (Web Application Firewall) rules, DDoS protection, and IP allow/deny lists

Google Cloud Security and Networking Capabilities

Question

What load balancer type is supported with Cloud Armor security policies?

Options

  • ASSL Proxy, HTTP(S) and SSL
  • BHTTP(S) and SSL
  • CRegional SSL
  • DHTTP(S) Only

How the community answered

(29 responses)
  • B
    3% (1)
  • C
    7% (2)
  • D
    90% (26)

Explanation

Google Cloud Armor security policies are attached to backend services and are supported by external HTTP(S) Load Balancers (now called Global External Application Load Balancers). Cloud Armor provides WAF (Web Application Firewall) rules, DDoS protection, and IP allow/deny lists at the HTTP(S) layer. SSL Proxy load balancers operate at Layer 4 (TCP) and do not support Cloud Armor policy attachment. This makes sense architecturally because Cloud Armor inspects HTTP request attributes (URLs, headers, query parameters) which are only visible at the Layer 7 HTTP(S) load balancing layer.

Topics

#Cloud Armor#Load Balancers#Network Security

Community Discussion

No community discussion yet for this question.

Full CLOUD-DIGITAL-LEADER Practice