A customer needs to prevent attackers from hijacking their domain/IP and redirecting users to a malicious site through a man-in-the-middle attack.
Which solution should this customer use?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
https://cloud.google.com/blog/products/gcp/dnssec-now-available-in-cloud-dnsThe customer's requirement is to prevent attackers from hijacking their domain/IP and redirecting users to a malicious site through a man-in-the-middle attack. To achieve this objective, the customer should use a solution that can protect their domain/IP from DNS spoofing attacks.
DNS Security Extensions (DNSSEC) is a solution that can prevent DNS spoofing attacks. DNSSEC adds a layer of security to the DNS system by digitally signing DNS records. This ensures that when a user requests a domain's IP address, the response received by the user is authentic and has not been tampered with.
Cloud Armor is a solution that provides centralized protection against distributed denial of service (DDoS) attacks. While Cloud Armor can prevent DDoS attacks, it is not specifically designed to prevent DNS spoofing attacks.
VPC Flow Logs are a solution that captures IP traffic flow information from VPCs. While VPC Flow Logs can be used for troubleshooting network connectivity issues and security analysis, it is not specifically designed to prevent DNS spoofing attacks.
Cloud Identity-Aware Proxy (Cloud IAP) is a solution that provides secure access to applications running on Google Cloud. While Cloud IAP can prevent unauthorized access to applications, it is not specifically designed to prevent DNS spoofing attacks.
In conclusion, the solution that the customer should use to prevent attackers from hijacking their domain/IP and redirecting users to a malicious site through a man-in-the-middle attack is DNS Security Extensions (DNSSEC).