A company wants to replace its VPN-based remote access with a zero-trust solution that verifies user identity and device health before granting access to internal applications. Which Google Cloud service should they use?
Trap 1: Identity-Aware Proxy (IAP)
IAP is part of BeyondCorp but not the full solution.
Trap 2: Cloud VPN
Cloud VPN creates an IPSec tunnel, which is not zero-trust.
Trap 3: Cloud Identity
Cloud Identity is an identity management service, not a zero-trust access solution.
- A
BeyondCorp Enterprise
BeyondCorp Enterprise is the complete zero-trust product that replaces VPNs.
- B
Identity-Aware Proxy (IAP)
Why wrong: IAP is part of BeyondCorp but not the full solution.
- C
Cloud VPN
Why wrong: Cloud VPN creates an IPSec tunnel, which is not zero-trust.
- D
Cloud Identity
Why wrong: Cloud Identity is an identity management service, not a zero-trust access solution.