Google Cloud Platform (GCP) Native SYN Flood Protection

Launch a 3-tier Internal Web Application with GCP's Native SYN Flood Protection

Prev Question Next Question

Question

A customer needs to launch a 3-tier internal web application on Google Cloud Platform (GCP)

The customer's internal compliance requirements dictate that end- user access may only be allowed if the traffic seems to originate from a specific known good CIDR.

The customer accepts the risk that their application will only have SYN flood DDoS protection.

They want to use GCP's native SYN flood protection.

Which product should be used to meet these requirements?

Answers

A. Cloud Armor

B. VPC Firewall Rules

C. Cloud Identity and Access Management

D. Cloud CDN.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

https://cloud.google.com/blog/products/identity-security/understanding-google-cloud-armors-new-waf-capabilities

The product that should be used to meet the customer's requirements is Cloud Armor.

Explanation:

VPC Firewall Rules can be used to restrict traffic to specific IP addresses or CIDR blocks, but it does not provide SYN flood protection.
Cloud Identity and Access Management (IAM) is used for identity and access management, but it does not provide network-level protection.
Cloud CDN is a content delivery network service that accelerates the delivery of web content to users, but it does not provide network-level protection.
Cloud Armor is a DDoS protection service that provides network-level protection against SYN floods and other types of DDoS attacks. It can also be used to enforce security policies based on IP addresses or CIDR blocks, which is what the customer needs to meet their compliance requirements.

Therefore, the correct answer is A. Cloud Armor.

Prev Question Next Question