Topic 1 Question 192
You are configuring the intrusion prevention service (IPS) feature on Cloud Next Generation Firewall Enterprise. You deployed your firewall endpoints and you need to inspect the traffic of the VMs. What should you do?
Configure Packet Mirroring to match the source/destination IP addresses of the VMs.
Configure a firewall rule to match the source/destination IP addresses of the VMs, and use the goto_next action.
Configure a firewall rule to match the hostnames of the VMs, and use the apply_security_profile_group action.
Configure a firewall rule to match the source/destination IP addresses of the VMs, and use the apply_security_profile_group action.
ユーザの投票
コメント(3)
- 正解だと思う選択肢: D
When a firewall rule is configured with apply_security_profile_group, matched traffic is redirected to the Cloud NGFW endpoint along with the specified security profile group
D is right
👍 3b0b252025/02/21 - 正解だと思う選択肢: D
continued --- > The NGFW endpoint inspects the traffic using the security profiles and applies actions such as blocking, alerting, or allowing based on configured threat severity levels.
👍 3b0b252025/02/21 - 正解だと思う選択肢: D
D is correct. Security profiles help you define Layer 7 inspection policy for your Google Cloud resources. They are generic policy structures that are used by firewall endpoints to scan intercepted traffic to provide application Layer services, such as intrusion prevention.
👍 1RKS_20212025/03/04
シャッフルモード