Google Cloud Professional Cloud Security Engineer — Question 281

You have been tasked with inspecting IP packet data for invalid or malicious content. What should you do?

Answer options

• A. Use Packet Mirroring to mirror traffic to and from particular VM instances. Perform inspection using security software that analyzes the mirrored traffic.
• B. Enable VPC Flow Logs for all subnets in the VPC. Perform inspection on the Flow Logs data using Cloud Logging.
• C. Configure the Fluentd agent on each VM Instance within the VPC. Perform inspection on the log data using Cloud Logging.
• D. Configure Google Cloud Armor access logs to perform inspection on the log data.

Correct answer: A

Explanation

The correct answer is A because Packet Mirroring allows for real-time traffic replication, enabling thorough inspection for malicious content with specialized security software. Options B and C focus on log data rather than real-time packet data, which is less effective for detecting immediate threats. Option D also involves log analysis, which does not provide the same level of detail as packet inspection.