PROFESSIONAL-CLOUD-DEVELOPER · Question #201
You are running a web application on Google Kubernetes Engine that you inherited. You want to determine whether the application is using libraries with known vulnerabilities or is vulnerable to XSS at
The correct answer is C. Web Security Scanner. Web Security Scanner (part of Google Cloud's Security Command Center suite) is specifically built to crawl and test web applications for common vulnerabilities such as cross-site scripting (XSS), mixed content, outdated insecure libraries, and other OWASP-class issues. It produce
Question
You are running a web application on Google Kubernetes Engine that you inherited. You want to determine whether the application is using libraries with known vulnerabilities or is vulnerable to XSS attacks. Which service should you use?
Options
- AGoogle Cloud Armor
- BDebugger
- CWeb Security Scanner
- DError Reporting
How the community answered
(53 responses)- A2% (1)
- B4% (2)
- C91% (48)
- D4% (2)
Explanation
Web Security Scanner (part of Google Cloud's Security Command Center suite) is specifically built to crawl and test web applications for common vulnerabilities such as cross-site scripting (XSS), mixed content, outdated insecure libraries, and other OWASP-class issues. It produces actionable findings per URL and vulnerability type. Cloud Armor (A) is a WAF and DDoS mitigation service that blocks attacks in transit but does not scan for vulnerabilities in your code or dependencies. Debugger (B) provides live application inspection for debugging runtime state, not security analysis. Error Reporting (D) aggregates and groups application exceptions, which can surface crashes but does not proactively scan for security vulnerabilities.
Topics
Community Discussion
No community discussion yet for this question.