How should the customer ensure authenticated network separation between the different tiers of the application?

A customer wants to deploy a large number of 3-tier web applications on Compute Engine. How should the customer ensure authenticated network separation between the different tiers of the application?A . Run each tier in its own Project, and segregate using Project labels. B. Run each tier with a different...

October 27, 2022 No Comments READ MORE +

Which type of load balancer should you use to maintain client IP by default while using the standard network tier?

Which type of load balancer should you use to maintain client IP by default while using the standard network tier?A . SSL Proxy B. TCP Proxy C. Internal TCP/UDP D. TCP/UDP NetworkView AnswerAnswer: C Explanation: Reference: https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_forwarding_rule

October 27, 2022 No Comments READ MORE +

Which method should be used to protect employee credentials in this situation?

An organization receives an increasing number of phishing emails. Which method should be used to protect employee credentials in this situation?A . Multifactor Authentication B. A strict password policy C. Captcha on login pages D. Encrypted emailsView AnswerAnswer: D

October 27, 2022 No Comments READ MORE +

Which options are necessary to ensure that authentication is supported by the third-party identity provider (IdP)?

You want to use the gcloud command-line tool to authenticate using a third-party single sign-on (SSO) SAML identity provider. Which options are necessary to ensure that authentication is supported by the third-party identity provider (IdP)? (Choose two.)A . SSO SAML as a third-party IdP B. Identity Platform C. OpenID Connect...

October 27, 2022 No Comments READ MORE +

What should you do?

You work for a large organization where each business unit has thousands of users. You need to delegate management of access control permissions to each business unit. You have the following requirements: Each business unit manages access controls for their own projects. Each business unit manages access control permissions at...

October 26, 2022 No Comments READ MORE +

Which solution will restrict access to the in-progress sites?

A website design company recently migrated all customer sites to App Engine. Some sites are still in progress and should only be visible to customers and company employees from any location. Which solution will restrict access to the in-progress sites?A . Upload an .htaccess file containing the customer and employee...

October 26, 2022 No Comments READ MORE +

Which service should be used to accomplish this?

A customer deploys an application to App Engine and needs to check for Open Web Application Security Project (OWASP) vulnerabilities. Which service should be used to accomplish this?A . Cloud Armor B. Google Cloud Audit Logs C. Cloud Security Scanner D. Forseti SecurityView AnswerAnswer: C Explanation: Reference: https://cloud.google.com/security-scanner/

October 25, 2022 No Comments READ MORE +

How should you advise this organization?

An organization’s typical network and security review consists of analyzing application transit routes, request handling, and firewall rules. They want to enable their developer teams to deploy new applications without the overhead of this full review. How should you advise this organization?A . Use Forseti with Firewall filters to catch...

October 25, 2022 No Comments READ MORE +

What should you do?

You want to limit the images that can be used as the source for boot disks. These images will be stored in a dedicated project. What should you do?A . Use the Organization Policy Service to create a compute.trustedimageProjects constraint on the organization level. List the trusted project as the...

October 25, 2022 No Comments READ MORE +

Which tool should you use?

You are the project owner for a regulated workload that runs in a project you own and manage as an Identity and Access Management (IAM) admin. For an upcoming audit, you need to provide access reviews evidence. Which tool should you use?A . Policy Troubleshooter B. Policy Analyzer C. IAM...

October 25, 2022 No Comments READ MORE +