Google Cloud Professional Cloud Security Engineer — Question 326

Your organization is using Security Command Center Premium as a central tool to detect and alert on security threats. You also want to alert on suspicious outbound traffic that is targeting domains of known suspicious web services. What should you do?

Answer options

• A. Create a DNS Server Policy in Cloud DNS and turn on logs. Attach this policy to all Virtual Private Cloud networks with internet connectivity.
• B. Forward all logs to Chronicle Security Information and Event Management. Create an alert for suspicious egress traffic to the internet.
• C. Create a Cloud Intrusion Detection endpoint. Connect this endpoint to all Virtual Private Cloud networks with internet connectivity.
• D. Create an egress firewall policy with Threat Intelligence as the destination. Attach this policy to all Virtual Private Cloud networks with internet connectivity.

Correct answer: D

Explanation

The correct answer is D because an egress firewall policy with Threat Intelligence can effectively monitor and control outbound traffic to known malicious domains. Options A and C do not specifically address alerting on suspicious outbound traffic, while option B lacks a focused mechanism to directly filter and manage egress traffic related to known threats.