🔥 3-day streak
Professional Cloud Security Engineer109 / 152
Question 109 of 152
A retail company exposes a public web application through a Global External Application Load Balancer. Security review finds that clients can bypass the load balancer and reach the backend Compute Engine instances directly using their external IPs, avoiding Cloud Armor inspection. The security team must ensure that all traffic reaching the backends flows only through the load balancer, while keeping the application publicly reachable. Which combination of changes best enforces this?
Reviewed for accuracy · Report an issueNext question