Google Cloud Professional Cloud Security Engineer — Question 292
You manage your organization's Security Operations Center (SOC). You currently monitor and detect network traffic anomalies in your VPCs based on network logs. However, you want to explore your environment using network payloads and headers. Which Google Cloud product should you use?
Answer options
- A. Cloud IDS
- B. VPC Service Controls logs
- C. VPC Flow Logs
- D. Google Cloud Armor
- E. Packet Mirroring
Correct answer: A
Explanation
The correct answer is Cloud IDS, as it provides advanced threat detection by analyzing network payloads and headers. The other options, such as VPC Service Controls logs and VPC Flow Logs, focus on logging and monitoring, but do not provide in-depth analysis of payloads. Google Cloud Armor is primarily for DDoS protection, and Packet Mirroring is used for traffic analysis but does not directly provide threat detection capabilities.