Resilience Testing of Authentication Layer | Website Name

Resilience Testing of Authentication Layer

Question

Your customer wants to do resilience testing of their authentication layer.

This consists of a regional managed instance group serving a public REST API that reads from and writes to a Cloud SQL instance.

What should you do?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

C.

The best option for resilience testing of the authentication layer in this scenario would be option D, which involves configuring a read replica for the Cloud SQL instance in a different zone than the master, and manually triggering a failover while monitoring the KPIs for the REST API.

Explanation:

Resilience testing is a type of testing that aims to verify whether an application can withstand unexpected failures and continue to operate normally or with minimal disruption. In this case, the customer wants to test the resilience of their authentication layer, which is composed of a regional managed instance group serving a public REST API that reads from and writes to a Cloud SQL instance.

Option A, engaging a security company to run web scrapers that look for users' authentication data on malicious websites, is not related to resilience testing. This option is more relevant to security testing and would not help in testing the resilience of the authentication layer.

Option B, deploying intrusion detection software to the virtual machines to detect and log unauthorized access, is also not directly related to resilience testing. This option is more relevant to security monitoring and would not help in testing the resilience of the authentication layer.

Option C, scheduling a disaster simulation exercise during which all VMs in a zone are shut off to see how the application behaves, could help in testing the resilience of the entire application, but it may not specifically address the resilience of the authentication layer. Additionally, it may not be practical to shut down all VMs in a zone for a testing exercise, as it could disrupt other services running in that zone.

Option D involves configuring a read replica for the Cloud SQL instance in a different zone than the master, which provides geographic redundancy in case of a regional outage. By manually triggering a failover and monitoring the KPIs for the REST API, the customer can test whether the authentication layer can continue to operate normally in case of a failover event. This option specifically targets the resilience of the authentication layer and is therefore the most appropriate option for this scenario.

In conclusion, option D, configuring a read replica for the Cloud SQL instance in a different zone than the master, and manually triggering a failover while monitoring KPIs for the REST API, is the best option for resilience testing of the authentication layer in this scenario.