GCP Professional Cloud Security Engineer Practice Question
Your security team discovered that a third-party component in one of your Compute Engine VMs can be tricked into making arbitrary HTTP requests (a potential SSRF vector). The application still needs to retrieve instance identity tokens from the metadata server for workload identity federation. Which control most effectively reduces the risk of an attacker exfiltrating the token without breaking the application's legitimate calls?
Delete the VM's default service account so that no OAuth tokens are ever issued by the metadata server.
Enable the project metadata key "block-project-ssh-keys" to prevent automatic SSH key injection into the VM.
Create an egress VPC firewall rule denying all traffic to 169.254.169.254 from the VM subnet.
Set the project metadata key "disable-legacy-endpoints" to "true" so that only the v1 metadata path requiring the Metadata-Flavor header remains reachable.
Setting the metadata key "disable-legacy-endpoints" to "true" (project-wide, or on the individual instance) disables the deprecated /computeMetadata/v1beta1/ and /0.1/ metadata paths. Those legacy endpoints do not require the "Metadata-Flavor: Google" request header, so any SSRF that can make the VM fetch an attacker-chosen URL can read a service account token from them. Once they are disabled, only the /computeMetadata/v1/ endpoint remains, and it refuses every request that lacks the header. A blind SSRF that controls only the URL cannot add a header, while the application's own metadata client, which already sets it, keeps working. The caveat a practitioner should keep in mind is that this defeats URL-only SSRF, not a bug that lets the attacker inject arbitrary request headers, so it is a hardening step on top of fixing the component, not a replacement for it. Also check that no instance-level "disable-legacy-endpoints" key overrides the project value, since instance metadata takes precedence.
The other options fail for different reasons. Deleting the VM's service account does stop the metadata server from issuing tokens, but it also breaks the application's legitimate calls, which the question rules out. "block-project-ssh-keys" only controls whether project-level SSH keys are injected into the VM and has no effect on token retrieval. A VPC firewall rule cannot block 169.254.169.254 because the metadata server is answered by the host the VM runs on; that traffic never enters the VPC network and is not subject to VPC firewall enforcement.
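As an added example, not part of the original page or of any Google tool, here is the verification a practitioner would run on the VM after setting the key. The script sends the request shapes a blind SSRF can produce (the legacy paths, and the v1 path without the header) plus the application's legitimate shape (the v1 path with "Metadata-Flavor: Google") and reports the VM as hardened only if the former are refused and the latter still returns a token. The v1 and v1beta1 paths are the documented Compute Engine ones; the /0.1/ path is taken from the deprecated first-generation API and should be checked against your image (assumption). Exact rejection status codes are not assumed: any non-2xx counts as refused. The `assess` function is pure logic so it can be exercised offline with constructed status codes; `run_live` does the real probes.

```python
"""Verify that a Compute Engine VM's metadata server refuses the request shapes
a blind SSRF can produce while the application's legitimate call still works.
Added example; not code from the original page or from Google."""
import json
import urllib.error
import urllib.request

METADATA = "http://169.254.169.254"
FLAVOR = {"Metadata-Flavor": "Google"}
TOKEN_V1 = "/computeMetadata/v1/instance/service-accounts/default/token"

# (label, path, headers sent, must_succeed)
# must_succeed=True  -> the application's legitimate shape; a token MUST come back.
# must_succeed=False -> a shape a URL-only SSRF can reach; it MUST be refused.
PROBES = [
    ("v1 with Metadata-Flavor header (legitimate app call)", TOKEN_V1, FLAVOR, True),
    ("v1 without header (blind SSRF shape)", TOKEN_V1, {}, False),
    ("legacy v1beta1 without header",
     "/computeMetadata/v1beta1/instance/service-accounts/default/token", {}, False),
    # Assumption: path of the deprecated 0.1 API; verify against your image.
    ("legacy 0.1 without header",
     "/0.1/meta-data/service-accounts/default/acquire", {}, False),
]


def probe(path, headers, timeout=3):
    """Return the HTTP status the metadata server gives for this request shape."""
    req = urllib.request.Request(METADATA + path, headers=headers)
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


def judge(label, status, must_succeed):
    """Classify one probe. Only a 2xx counts as the server handing out data;
    403, 404 or any other non-2xx all count as 'refused'."""
    issued = 200 <= status < 300
    ok = issued if must_succeed else not issued
    return {"probe": label, "status": status, "ok": ok}


def assess(results):
    """results: iterable of (label, status, must_succeed).
    Hardened only if every SSRF-reachable shape is refused AND the
    legitimate header-bearing call still succeeds."""
    verdicts = [judge(*r) for r in results]
    return {
        "hardened": all(v["ok"] for v in verdicts),
        "failures": [v["probe"] for v in verdicts if not v["ok"]],
    }


def run_live():
    """Run the real probes from inside the VM and assess them."""
    results = [(label, probe(path, headers), must)
               for label, path, headers, must in PROBES]
    return assess(results)


if __name__ == "__main__":
    # Run on the VM itself; off-VM the metadata address is unreachable.
    print(json.dumps(run_live(), indent=2))
```

Set the key before running it with `gcloud compute project-info add-metadata --metadata disable-legacy-endpoints=true` (or per VM with `gcloud compute instances add-metadata INSTANCE --metadata disable-legacy-endpoints=true`), then execute the script on the instance; a "failures" entry naming a legacy path means the legacy endpoints are still being served, and one naming the legitimate call means the application's own token retrieval has been broken.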
GCP Professional Cloud Security Engineer
Ensuring data protection