You are a member of your company’s security team. You have been asked to reduce your Linux bastion host external attack surface by removing all public IP addresses. Site Reliability Engineers (SREs) require access to the bastion host from public locations so they can access the internal VPC while off-site. How should you enable this access?
A. Implement Cloud VPN for the region where the bastion host lives.
B. Implement OS Login with 2-step verification for the bastion host.
C. Implement Identity-Aware Proxy TCP forwarding for the bastion host.
D. Implement Google Cloud Armor in front of the bastion host.
|
Download Printable PDF. VALID exam to help you PASS. |
 |