Topic 1 Question 16
An organization's typical network and security review consists of analyzing application transit routes, request handling, and firewall rules. They want to enable their developer teams to deploy new applications without the overhead of this full review. How should you advise this organization?
Use Forseti with Firewall filters to catch any unwanted configurations in production.
Mandate use of infrastructure as code and provide static analysis in the CI/CD pipelines to enforce policies.
Route all VPC traffic through customer-managed routers to detect malicious patterns in production.
All production applications will run on-premises. Allow developers free rein in GCP as their dev and QA platforms.
ユーザの投票
コメント(17)
@TNT87 and others, if you say (B) or even (C) or (A) can you provide proof and URLs to support your claims. Simply saying if you have done Cloud Architect you will know Everything under the sun is not the proper response, this is a discussion and a community here trying to learn. Not everyone will be in same standard or level. Be helpful for others please....
👍 13bluetaurianbull2021/03/29Its B. Reasons:
- They are asking for advise for Developers. (IaC is the suitable as they don't have to worry about managing infrastructure manually). Moreover "An organization’s typical network and security review consists of analyzing application transit routes, request handling, and firewall rules." statement is defining the process, they are not asking about the option to review the rules. Using Forseti is not reducing the overhead for Developers.
👍 9OSNG2021/09/02if you done Cloud Rchitect,you will understand why the answer is B
👍 4TNT872021/02/19
シャッフルモード