🔥 3-day streak
Professional Cloud Security Engineer130 / 152
Question 130 of 152
A financial services company runs analytics VMs in a private VPC subnet with no external IP addresses. Security policy requires that all outbound HTTPS traffic to the internet be inspected and allowed only to a specific list of approved SaaS domains, with TLS inspection and per-request logging. Currently the VMs use Cloud NAT for egress, but the team cannot enforce domain-based allowlists or inspect encrypted traffic. Which Google Cloud solution should they implement to meet these requirements?
Reviewed for accuracy · Report an issueNext question