An organization uses Cloud Armor to protect their web application. After enabling the service, they notice increased latency on some requests. Which Cloud Armor feature is most likely causing this?
Checking geographic location involves IP database lookup, which can increase latency.
Why this answer
Geo-based access control (D) is the most likely cause of increased latency because it requires Cloud Armor to perform a GeoIP lookup on every request to determine the geographic origin. This lookup adds processing overhead, especially if the organization has a large or complex set of geo-based rules, which can introduce measurable delay.
Exam trap
The trap here is that candidates often assume all security features add latency equally, but The PCDOE exam specifically tests that GeoIP lookups are the most computationally expensive compared to simple IP or rate-limit checks.
How to eliminate wrong answers
Option A is wrong because rate limiting typically reduces latency by dropping or throttling excess requests, not increasing it. Option B is wrong because IP blacklist/whitelist checks are simple, fast lookups in a small list that add negligible latency. Option C is wrong because pre-configured WAF rules (e.g., OWASP Top 10) are evaluated efficiently by Cloud Armor's edge infrastructure and are not a primary source of added latency.