- All Exams Instant Download
Which organization-level policy constraint should you enable?
You want to prevent users from accidentally deleting a Shared VPC host project . Which organization-level policy constraint should you enable?A . compute.restrictSharedVpcHostProjectsB . compute.restrictXpnProjectLienRemovalC . compute.restrictSharedVpcSubnetworksD . compute.sharedReservationsOwnerProjectsView AnswerAnswer: B Explanation: Reference: https://cloud.google.com/vpc/docs/provisioning-shared-vpc
Which boot disk encryption solution should you use on the cluster to meet this customer’s requirements?
A customer wants to move their sensitive workloads to a Compute Engine-based cluster using Managed Instance Groups (MIGs). The jobs are bursty and must be completed quickly. They have a requirement to be able to manage and rotate the encryption keys. Which boot disk encryption solution should you use on...
What should you do?
You will create a new Service Account that should be able to list the Compute Engine instances in the project. You want to follow Google-recommended practices. What should you do?A . Create an Instance Template, and allow the Service Account Read Only access for the Compute Engine Access Scope.B ....
What should you do?
You will create a new Service Account that should be able to list the Compute Engine instances in the project. You want to follow Google-recommended practices. What should you do?A . Create an Instance Template, and allow the Service Account Read Only access for the Compute Engine Access Scope.B ....
Configure private access using the restricted.googleapis.com domains in on-premises DNS configurations.
Configure private access using the restricted.googleapis.com domains in on-premises DNS configurations.View AnswerAnswer: C
Which cost reduction options should you recommend?
As adoption of the Cloud Data Loss Prevention (DLP) API grows within the company, you need to optimize usage to reduce cost. DLP target data is stored in Cloud Storage and BigQuery. The location and region are identified as a suffix in the resource name. Which cost reduction options should...
Which two strategies should your team use to meet these requirements?
A customer is running an analytics workload on Google Cloud Platform (GCP) where Compute Engine instances are accessing data stored on Cloud Storage. Your team wants to make sure that this workload will not be able to access, or be accessed from, the internet. Which two strategies should your team...
Which solution meets the organization's requirements?
An organization is evaluating the use of Google Cloud Platform (GCP) for certain IT workloads. A well- established directory service is used to manage user identities and lifecycle management. This directory service must continue for the organization to use as the “source of truth” directory for identities. Which solution meets...
What should you do?
A company’s application is deployed with a user-managed Service Account key. You want to use Google- recommended practices to rotate the key. What should you do?A . Open Cloud Shell and run gcloud iam service-accounts enable-auto-rotate --iam-account=IAM_ACCOUNC . Open Cloud Shell and run gcloud iam service-accounts keys rotate --iam-account=IAM_ACCOUNT --key=NEW_KEE...
What should you do?
You will create a new Service Account that should be able to list the Compute Engine instances in the project. You want to follow Google-recommended practices. What should you do?A . Create an Instance Template, and allow the Service Account Read Only access for the Compute Engine Access Scope.B ....
