- All Exams Instant Download
Which SCC service should you use?
You are using Security Command Center (SCC) to protect your workloads and receive alerts for suspected security breaches at your company. You need to detect cryptocurrency mining software. Which SCC service should you use?A . Container Threat DetectionB . Web Security ScannerC . Rapid Vulnerability DetectionD . Virtual Machine Threat...
What could have caused this alert?
You define central security controls in your Google Cloud environment for one of the folders in your organization you set an organizational policy to deny the assignment of external IP addresses to VMs. Two days later you receive an alert about a new VM with an external IP address under...
What could have caused this alert?
You define central security controls in your Google Cloud environment for one of the folders in your organization you set an organizational policy to deny the assignment of external IP addresses to VMs. Two days later you receive an alert about a new VM with an external IP address under...
What should you do?
Your organization’s Google Cloud VMs are deployed via an instance template that configures them with a public IP address in order to host web services for external users. The VMs reside in a service project that is attached to a host (VPC) project containing one custom Shared VPC for the...
What should you do?
You need to implement an encryption-at-rest strategy that protects sensitive data and reduces key management complexity for non-sensitive data. Your solution has the following requirements: ✑ Schedule key rotation for sensitive data. ✑ Control which region the encryption keys for sensitive data are stored in. ✑ Minimize the latency to...
What should you do?
You are responsible for protecting highly sensitive data in BigQuery. Your operations teams need access to this data, but given privacy regulations, you want to ensure that they cannot read the sensitive fields such as email addresses and first names. These specific sensitive fields should only be available on a...
What could have caused this alert?
You define central security controls in your Google Cloud environment for one of the folders in your organization you set an organizational policy to deny the assignment of external IP addresses to VMs. Two days later you receive an alert about a new VM with an external IP address under...
Which document should you review to find the information?
You want to evaluate GCP for PCI compliance. You need to identify Google’s inherent controls. Which document should you review to find the information?A . Google Cloud Platform: Customer Responsibility MatrixB . PCI DSS Requirements and Security Assessment ProceduresC . PCI SSC Cloud Computing GuidelinesD . Product documentation for Compute...
Which type of networking design should your team use to meet these requirements?
Your team needs to configure their Google Cloud Platform (GCP) environment so they can centralize the control over networking resources like firewall rules, subnets, and routes. They also have an on-premises environment where resources need access back to the GCP resources through a private VPN connection. The networking resources will...
Which solution will restrict access to the in-progress sites?
A website design company recently migrated all customer sites to App Engine. Some sites are still in progress and should only be visible to customers and company employees from any location. Which solution will restrict access to the in-progress sites?A . Upload an .htaccess file containing the customer and employee...
