nerdexam
Google

CLOUD-DIGITAL-LEADER · Question #165

A customer deploys an application to App Engine and needs to check for Open Web Appli-cation Security Project (OWASP) vulnerabilities. Which service should be used to accom-plish this?

The correct answer is B. Cloud Security Scanner. Cloud Security Scanner (B) is GCP's purpose-built web application vulnerability scanner that specifically detects OWASP Top 10 vulnerabilities (such as XSS, mixed content, and outdated libraries) in App Engine, GKE, and Compute Engine applications. Cloud Armor (A) is a WAF and DD

Security Operations and Vulnerability Management

Question

A customer deploys an application to App Engine and needs to check for Open Web Appli-cation Security Project (OWASP) vulnerabilities. Which service should be used to accom-plish this?

Options

  • ACloud Armor
  • BCloud Security Scanner
  • CBinary Authorization
  • DForseti Security

How the community answered

(31 responses)
  • A
    3% (1)
  • B
    87% (27)
  • C
    3% (1)
  • D
    6% (2)

Explanation

Cloud Security Scanner (B) is GCP's purpose-built web application vulnerability scanner that specifically detects OWASP Top 10 vulnerabilities (such as XSS, mixed content, and outdated libraries) in App Engine, GKE, and Compute Engine applications. Cloud Armor (A) is a WAF and DDoS protection service that mitigates attacks but does not scan your application for vulnerabilities. Binary Authorization (C) ensures only trusted container images are deployed. Forseti Security (D) is an open-source security monitoring tool for GCP resource configurations, not an application vulnerability scanner.

Topics

#Application Security#Vulnerability Scanning#OWASP#Cloud Security Scanner

Community Discussion

No community discussion yet for this question.

Full CLOUD-DIGITAL-LEADER Practice