- All Exams Instant Download
Process Cloud Storage objects in SIEM.
Process Cloud Storage objects in SIEM.View AnswerAnswer: B
How should a customer reliably deliver Stackdriver logs from GCP to their on-premises SIEM system?
How should a customer reliably deliver Stackdriver logs from GCP to their on-premises SIEM system?A . Send all logs to the SIEM system via an existing protocol such as syslog.B . Configure every project to export all their logs to a common BigQuery DataSet, which will be queried by the...
Which product should be used to meet these requirements?
A customer needs to launch a 3-tier internal web application on Google Cloud Platform (GCP). The customer’s internal compliance requirements dictate that end-user access may only be allowed if the traffic seems to originate from a specific known good CIDR. The customer accepts the risk that their application will only...
Which service should be used to accomplish this?
A customer deploys an application to App Engine and needs to check for Open Web Application Security Project (OWASP) vulnerabilities. Which service should be used to accomplish this?A . Cloud ArmorB . Google Cloud Audit LogsC . Cloud Security ScannerD . Forseti SecurityView AnswerAnswer: C Explanation: Reference: https://cloud.google.com/security-scanner/
What should you do?
A company has been running their application on Compute Engine. A bug in the application allowed a malicious user to repeatedly execute a script that results in the Compute Engine instance crashing. Although the bug has been fixed, you want to get notified in case this hack re-occurs. What should...
Which Cloud Identity password guidelines can the organization use to inform their new requirements?
An organization adopts Google Cloud Platform (GCP) for application hosting services and needs guidance on setting up password requirements for their Cloud Identity account. The organization has a password policy requirement that corporate employee passwords must have a minimum number of characters. Which Cloud Identity password guidelines can the organization...
When creating a secure container image, which two items should you incorporate into the build if possible? (Choose two.)
When creating a secure container image, which two items should you incorporate into the build if possible? (Choose two.)A . Ensure that the app does not run as PID 1.B . Package a single app as a container.C . Remove any unnecessary tools not needed by the app.D . Use...
How should the customer achieve this using Google Cloud Platform?
A customer needs an alternative to storing their plain text secrets in their source-code management (SCM) system. How should the customer achieve this using Google Cloud Platform?A . Use Cloud Source Repositories, and store secrets in Cloud SQC . Encrypt the secrets with a Customer-Managed Encryption Key (CMEK), and store...
Which type of access should your team grant to meet this requirement?
A business unit at a multinational corporation signs up for GCP and starts moving workloads into GCP. The business unit creates a Cloud Identity domain with an organizational resource that has hundreds of projects. Your team becomes aware of this and wants to take over managing permissions and auditing the...
What should they do?
Your company has decided to make a major revision of their API in order to create better experiences for their developers. They need to keep the old version of the API available and deployable, while allowing new customers and testers to try out the new API. They want to keep...
