Google Cloud Professional Cloud Security Engineer — Question 117

You are migrating your users to Google Cloud. There are cookie replay attacks with Google web and Google Cloud CLI SDK sessions on endpoint devices. You need to reduce the risk of these threats.

What should you do? (Choose two.)

Answer options

• A. Configure Google session control to a shorter duration.
• B. Set an organizational policy for OAuth 2.0 access token with a shorter duration.
• C. Set a reauthentication policy for Google Cloud services to a shorter duration.
• D. Configure a third-party identity provider with session management.
• E. Enforce Security Key Authentication with 2SV.

Correct answer: A

Explanation

The correct answer is A because configuring Google session control to a shorter duration limits the time that a session can be hijacked through cookie replay attacks. While options B and C also involve reducing durations, they are not specifically indicated as part of the necessary steps to mitigate the cookie replay risks in the context of the question. Options D and E, while enhancing security, do not directly address the cookie replay attack scenario presented.