PROFESSIONAL-CLOUD-DEVELOPER · Question #6
You are running an application on App Engine that you inherited. You want to find out whether the application is using insecure binaries or is vulnerable to XSS attacks. Which service should you use?
The correct answer is C. Cloud Security Scanner. Cloud Security Scanner (now part of Web Security Scanner) is specifically designed to automatically crawl and test App Engine, GKE, and Compute Engine web applications for common vulnerabilities, including Cross-Site Scripting (XSS), Flash injection, mixed content, and outdated/i
Question
You are running an application on App Engine that you inherited. You want to find out whether the application is using insecure binaries or is vulnerable to XSS attacks. Which service should you use?
Options
- ACloud Amor
- BStackdriver Debugger
- CCloud Security Scanner
- DStackdriver Error Reporting
How the community answered
(41 responses)- A2% (1)
- B5% (2)
- C93% (38)
Explanation
Cloud Security Scanner (now part of Web Security Scanner) is specifically designed to automatically crawl and test App Engine, GKE, and Compute Engine web applications for common vulnerabilities, including Cross-Site Scripting (XSS), Flash injection, mixed content, and outdated/insecure libraries. It is the correct tool for finding both insecure binaries and XSS vulnerabilities without requiring code changes. Option A (Cloud Armor) is a DDoS protection and web application firewall (WAF) that blocks attacks at the edge but does not scan for vulnerabilities. Option B (Stackdriver Debugger) lets you inspect the state of a running application without stopping it, which is a debugging tool, not a security scanner. Option D (Stackdriver Error Reporting) aggregates application runtime exceptions and crashes, not security vulnerabilities.
Topics
Community Discussion
No community discussion yet for this question.