https://cloud.google.com/armor/docs/cloud-armor-overview
Google Cloud Armor를 사용하면 DDoS 공격과 교차 사이트 스크립팅(XSS), SQL 삽입(SQLi)과 같은 애플리케이션 공격을 포함한 여러 유형의 위협으로부터 Google Cloud 배포를 보호할 수 있습니다.
Google 규모의 DDoS 방지 및 WAF 활용
Cloud Load Balancing 워크로드에 대한 공격을 감지하고 완화
레이어 7 DDoS 공격을 감지하고 차단하는 데 유용한 Adaptive Protection ML 기반 메커니즘
OWASP 10대 위험을 완화하고 온프레미스 또는 클라우드에서 워크로드 보호
reCAPTCHA Enterprise와 기본 통합을 통해 에지에서 사기를 방지하는 봇 관리
A customer needs to launch a 3-tier internal web application on Google Cloud Platform (GCP). The customer's internal compliance requirements dictate that end- user access may only be allowed if the traffic seems to originate from a specific known good CIDR. The customer accepts the risk that their application will only have SYN flood DDoS protection. They want to use GCP's native SYN flood protection.
Which product should be used to meet these requirements?
A. Cloud Armor
Topic 1
An engineering team is launching a web application that will be public on the internet. The web application is hosted in multiple GCP regions and will be directed to the respective backend based on the URL request.
Your team wants to avoid exposing the application directly on the internet and wants to deny traffic from a specific list of malicious IP addresses.
Which solution should your team implement to meet these requirements?
A. Cloud Armor
