PROFESSIONAL-CLOUD-SECURITY-ENGINEER · Question #323
PROFESSIONAL-CLOUD-SECURITY-ENGINEER Question #323: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to reveal the answer and full explanation for question #323. The question stem and answer options stay visible for context.
Question
There is a threat actor that is targeting organizations like yours. Attacks are always initiated from a known IP address range. You want to deny-list those IPs for your website, which is exposed to the internet through an Application Load Balancer. What should you do?
Options
- ACreate a Cloud Armor policy with a deny-rule for the known IP address range. Attach the policy to
- BActivate Identity-Aware Proxy for the backend of the Application Load Balancer. Create a firewall
- CCreate a log sink with a filter containing the known IP address range. Trigger an alert that detects
- DCreate a Cloud Firewall policy with a deny-rule for the known IP address range. Associate the
Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-CLOUD-SECURITY-ENGINEER questions. Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.