Topic 1 Question 81
Your company's security team tends to use managed services when possible. You need to build a dashboard to show the number of deny hits that occur against configured firewall rules without increasing operational overhead. What should you do?
Configure Firewall Rules Logging. Use Firewall Insights to display the number of hits.
Configure Firewall Rules Logging. View the logs in Cloud Logging, and create a custom dashboard in Cloud Monitoring to display the number of hits.
Configure a firewall appliance from the Google Cloud Marketplace. Route all traffic through this appliance, and apply the firewall rules at this layer. Use the firewall appliance to display the number of hits.
Configure Packet Mirroring on the VPC. Apply a filter with an IP address list of the Denied Firewall rules. Configure an intrusion detection system (IDS) appliance as the receiver to display the number of hits.
ユーザの投票
コメント(7)
- 👍 5AzureDP9002022/11/30
- 正解だと思う選択肢: A
Letter A for me
👍 4ccieman20162022/12/01 - 正解だと思う選択肢: B
Option A is a valid approach, but it may increase operational overhead if you need to handle a large volume of logs or if you need to customize the display of the logs. Firewall Rules Logging captures firewall activity logs in real-time, and you can export these logs to other services like Cloud Storage, BigQuery, or Pub/Sub for further analysis. However, you would need to use another service like Firewall Insights to display the number of deny hits, which would require additional configuration and setup.
👍 2Komal6972023/03/30
シャッフルモード