Google Cloud Professional Cloud Security Engineer Practice Exam

Disable ads (and more) with a membership for a one time $4.99 payment

Prepare for the Google Cloud Professional Cloud Security Engineer Exam with our interactive quiz. Study with flashcards and multiple-choice questions, complete with hints and explanations. Ace your exam with confidence!

Practice this question and more.

Which component is used to expose the administrative application running on a VM to users securely?

Cloud VPN
HTTP Load Balancing with IAP
Cloud Router
Firewall rules

The correct answer is: HTTP Load Balancing with IAP

The correct choice, HTTP Load Balancing with Identity-Aware Proxy (IAP), is appropriate because it effectively secures access to administrative applications running on virtual machines in Google Cloud. With IAP, security is enhanced by ensuring that only authenticated and authorized users can access the application, regardless of where they are located. IAP acts as a gatekeeper, verifying user identity and their permissions against the application's policies before granting access. This approach not only protects the application from unauthorized access but also negates the need for open public IP addresses or VPNs for remote access, which can be potential security risks. In contrast, while Cloud VPN can create a secure connection between on-premises networks and Google Cloud resources, it does not provide the fine-grained access control that IAP offers. Cloud Router is primarily for managing dynamic routing for VPN and Interconnect connections, which does not directly expose applications to users. Firewall rules are essential for controlling traffic to and from a VM but do not provide user authentication or application access management, which is critical for administrative applications. Thus, using HTTP Load Balancing with IAP ensures both accessibility and robust security, making it the preferred choice for securely exposing administrative applications on VMs to users.