You are on your company's development team.

Google Professional-Cloud-Security-Engineer Question Answer

You are on your company's development team. You noticed that your web application hosted in staging on GKE dynamically includes user data in web pages without first properly validating the inputted data. This could allow an attacker to execute gibberish commands and display arbitrary content in a victim user's browser in a production environment.

How should you prevent and fix this vulnerability?

Use Cloud IAP based on IP address or end-user device attributes to prevent and fix the vulnerability.

Set up an HTTPS load balancer, and then use Cloud Armor for the production environment to prevent the potential XSS attack.

Use Web Security Scanner to validate the usage of an outdated library in the code, and then use a secured version of the included library.

Use Web Security Scanner in staging to simulate an XSS injection attack, and then use a templating system that supports contextual auto-escaping.

Google Professional-Cloud-Security-Engineer View All Questions

Google Professional-Cloud-Security-Engineer Summary

Vendor: Google
Product: Professional-Cloud-Security-Engineer
Update on: Jul 28, 2025
Questions: 266

Price: $52.5 ~~$149.99~~

Buy Now Professional-Cloud-Security-Engineer PDF + Testing Engine Pack

You are creating an internal App Engine application that needs to access a user’s Google...

Your organization has 3 TB of information in BigQuery and Cloud SQL.

Summer Special Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: vce65

You are on your company's development team.

The Answer Is:

Explanation:

Google Professional-Cloud-Security-Engineer Summary

Payments We Accept

Contact Us