- All Exams Instant Download
Which type of load balancer should you use to maintain client IP by default while using the standard network tier?
Which type of load balancer should you use to maintain client IP by default while using the standard network tier?A . SSL ProxyB . TCP ProxyC . Internal TCP/UDPD . TCP/UDP NetworkView AnswerAnswer: C Explanation: Reference: https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_forw arding_rule
Which two cloud offerings meet this requirement without additional compensating controls?
In order to meet PCI DSS requirements, a customer wants to ensure that all outbound traffic is authorized. Which two cloud offerings meet this requirement without additional compensating controls? (Choose two.)A . App EngineB . Cloud FunctionsC . Compute EngineD . Google Kubernetes EngineE . Cloud StorageView AnswerAnswer: C,D Explanation:...
What should your team do?
A customer has an analytics workload running on Compute Engine that should have limited internet access. Your team created an egress firewall rule to deny (priority 1000) all traffic to the internet. The Compute Engine instances now need to reach out to the public repository to get security updates ....
When creating a secure container image, which two items should you incorporate into the build if possible? (Choose two.)
When creating a secure container image, which two items should you incorporate into the build if possible? (Choose two.)A . Ensure that the app does not run as PID 1.B . Package a single app as a container.C . Remove any unnecessary tools not needed by the app.D . Use...
Which two actions should you take?
You need to provide a corporate user account in Google Cloud for each of your developers and operational staff who need direct access to GCP resources. Corporate policy requires you to maintain the user identity in a third-party identity management provider and leverage single sign-on. You learn that a significant...
Which option should you recommend?
You are asked to recommend a solution to store and retrieve sensitive configuration data from an application that runs on Compute Engine . Which option should you recommend?A . Cloud Key Management ServiceB . Compute Engine guest attributesC . Compute Engine custom metadataD . Secret ManagerView AnswerAnswer: A Explanation: Reference:...
Validate that the App Engine Default Service Account is the only account that has a role that can write to BigQuery.
Validate that the App Engine Default Service Account is the only account that has a role that can write to BigQuery.View AnswerAnswer: C
What should you do?
Your company is using Cloud Dataproc for its Spark and Hadoop jobs. You want to be able to create, rotate, and destroy symmetric encryption keys used for the persistent disks used by Cloud Dataproc. Keys can be stored in the cloud. What should you do?A . Use the Cloud Key...
Which cryptographic token format should you use to meet these requirements?
Your company wants to determine what products they can build to help customers improve their credit scores depending on their age range. To achieve this, you need to join user information in the company's banking app with customers' credit score data received from a third party. While using this raw...
What should you do?
Your company runs a website that will store PII on Google Cloud Platform. To comply with data privacy regulations, this data can only be stored for a specific amount of time and must be fully deleted after this specific period. Data that has not yet reached the time period should...
