nerdexam
Google

PROFESSIONAL-CLOUD-DEVELOPER · Question #201

You are running a web application on Google Kubernetes Engine that you inherited. You want to determine whether the application is using libraries with known vulnerabilities or is vulnerable to XSS at

The correct answer is C. Web Security Scanner. Web Security Scanner (part of Google Cloud's Security Command Center suite) is specifically built to crawl and test web applications for common vulnerabilities such as cross-site scripting (XSS), mixed content, outdated insecure libraries, and other OWASP-class issues. It produce

Securing Applications

Question

You are running a web application on Google Kubernetes Engine that you inherited. You want to determine whether the application is using libraries with known vulnerabilities or is vulnerable to XSS attacks. Which service should you use?

Options

  • AGoogle Cloud Armor
  • BDebugger
  • CWeb Security Scanner
  • DError Reporting

How the community answered

(53 responses)
  • A
    2% (1)
  • B
    4% (2)
  • C
    91% (48)
  • D
    4% (2)

Explanation

Web Security Scanner (part of Google Cloud's Security Command Center suite) is specifically built to crawl and test web applications for common vulnerabilities such as cross-site scripting (XSS), mixed content, outdated insecure libraries, and other OWASP-class issues. It produces actionable findings per URL and vulnerability type. Cloud Armor (A) is a WAF and DDoS mitigation service that blocks attacks in transit but does not scan for vulnerabilities in your code or dependencies. Debugger (B) provides live application inspection for debugging runtime state, not security analysis. Error Reporting (D) aggregates and groups application exceptions, which can surface crashes but does not proactively scan for security vulnerabilities.

Topics

#Application Security#Vulnerability Scanning#Web Security Scanner#XSS

Community Discussion

No community discussion yet for this question.

Full PROFESSIONAL-CLOUD-DEVELOPER Practice