A leading financial giant with its presence in multiple countries across the globe is using Google Cloud.
To further strengthen the security of the customer data, the organization has decided to implement some Google Cloud products that can help prevent its data from network-based volumetric distributed denial-of-service (DDoS) attacks. Which Google Cloud offering would you suggest using for this purpose?
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer: A.
Option A is correct.
Google Cloud Armor protects infrastructure and applications network and/or protocol-based DDoS attacks and application attacks.
Option B is incorrect.
Network Intelligence Center provides a console for easy management of Google Cloud network visibility, monitoring, and troubleshooting.
Option C is incorrect.
Cloud Shield is incorrect and is not a Google Cloud product.
Option D is incorrect.
Cloud Identity is an API that facilitates the provisioning and management of identity resources.
https://cloud.google.com/armor/docs https://cloud.google.com/network-intelligence-center/docs https://cloud.google.com/identity/docsOut of the options given, the most suitable Google Cloud offering for preventing network-based volumetric distributed denial-of-service (DDoS) attacks is Google Cloud Armor.
Google Cloud Armor is a web application firewall (WAF) that provides defense against DDoS attacks. It can protect web applications and services from threats like cross-site scripting (XSS), SQL injection, and Layer 7 DDoS attacks. Cloud Armor provides customizable security policies that allow you to block traffic based on specific criteria such as IP address, geographic location, or user agent. Additionally, it offers real-time logging and monitoring to help identify and respond to attacks.
On the other hand, Network Intelligence Center is a suite of network visibility and troubleshooting tools that provide insights into network performance and traffic flow within Google Cloud. While it may be useful for monitoring and identifying potential attacks, it does not offer DDoS protection.
Cloud Shield is not a Google Cloud offering, so it can be eliminated as an option. Cloud Identity is an identity and access management (IAM) tool that provides secure user authentication and authorization for accessing cloud resources. While it is important for overall security, it does not directly address the specific challenge of preventing DDoS attacks.
Therefore, the best option for preventing network-based volumetric DDoS attacks in this scenario is Google Cloud Armor.