Google Cloud Professional Cloud Developer — Question 129

Your web application is deployed to the corporate intranet. You need to migrate the web application to Google Cloud. The web application must be available only to company employees and accessible to employees as they travel. You need to ensure the security and accessibility of the web application while minimizing application changes. What should you do?

Answer options

• A. Configure the application to check authentication credentials for each HTTP(S) request to the application.
• B. Configure Identity-Aware Proxy to allow employees to access the application through its public IP address.
• C. Configure a Compute Engine instance that requests users to log in to their corporate account. Change the web application DNS to point to the proxy Compute Engine instance. After authenticating, the Compute Engine instance forwards requests to and from the web application.
• D. Configure a Compute Engine instance that requests users to log in to their corporate account. Change the web application DNS to point to the proxy Compute Engine instance. After authenticating, the Compute Engine issues an HTTP redirect to a public IP address hosting the web application.

Correct answer: B

Explanation

The correct answer is B because Identity-Aware Proxy provides secure access to applications running on Google Cloud by ensuring only authenticated users can reach the application via its public IP. Option A does not provide the necessary access control for traveling employees, while options C and D involve unnecessary complexity and changes to the application architecture.