PROFESSIONAL-CLOUD-DEVELOPER Question #353: Real Exam Question with Answer & Explanation

Question

You are developing a new ecommerce application that uses Cloud Run functions. You want to expose your application's APIs to public users while maintaining a high level of security. You need to ensure that only authorized users can access your APIs and that all API traffic is encrypted and protected from unauthorized access. You want to use the most scalable and secure approach. What should you do?

Options

• ADeploy your Cloud Functions behind Cloud Load Balancing, and use Cloud Armor to protect your
• BDeploy your Cloud Functions with Security Command Center enabled, and use IAM to manage
• CDeploy your Cloud Functions behind an Apigee proxy and use Apigee's authentication and
• DDeploy your Cloud Functions behind a Cloud API Gateway proxy. Create and use an API key to

Explanation

Apigee is a robust API management platform that provides comprehensive security, including authentication, authorization, and rate limiting, making it well-suited for public-facing APIs. By deploying Cloud Functions behind an Apigee proxy, you can enforce strict security policies, manage user authentication, and leverage Apigee’s built-in features for protecting your APIs against unauthorized access. Apigee also provides support for encryption, scalability, and monitoring, which meets the requirements for secure, scalable, and public access. While API Gateway offers some security features, Apigee provides a broader set of capabilities specifically tailored for secure, enterprise-grade API management.

No community discussion yet for this question.