- All Exams Instant Download
What should you do?
Your company is storing sensitive data in Cloud Storage. You want a key generated on-premises to be used in the encryption process. What should you do?A . Use the Cloud Key Management Service to manage a data encryption key (DEK).B . Use the Cloud Key Management Service to manage a...
How should the customer achieve this using Google Cloud Platform?
A customer needs an alternative to storing their plain text secrets in their source-code management (SCM) system. How should the customer achieve this using Google Cloud Platform?A . Use Cloud Source Repositories, and store secrets in Cloud SQL.B . Encrypt the secrets with a Customer-Managed Encryption Key (CMEK), and store...
How should your team design this network?
Your team needs to make sure that their backend database can only be accessed by the frontend application and no other instances on the network. How should your team design this network?A . Create an ingress firewall rule to allow access only from the application to the database using firewall...
What solution would help meet the requirements?
An organization is migrating from their current on-premises productivity software systems to G Suite. Some network security controls were in place that were mandated by a regulatory body in their region for their previous on-premises system. The organization’s risk team wants to ensure that network security controls are maintained and...
Which one of these areas in the technology stack would they need to focus on as their primary responsibility when using App Engine?
An organization's security and risk management teams are concerned about where their responsibility lies for certain production workloads they are running in Google Cloud Platform (GCP), and where Google's responsibility lies. They are mostly running workloads using Google Cloud's Platform-as-a-Service (PaaS) offerings, including App Engine primarily. Which one of these...
Which two roles should your team restrict?
Your team wants to limit users with administrative privileges at the organization level. Which two roles should your team restrict? (Choose two.)A . Organization AdministratorB . Super AdminC . GKE Cluster AdminD . Compute AdminE . Organization Role ViewerView AnswerAnswer: AB Explanation: Reference: https://cloud.google.com/resource-manager/docs/creating-managing-organization
How can you work with Infrastructure Operations Engineers to best ensure that Windows Compute Engine VMs are up to date with all the latest OS patches?
A customer deployed an application on Compute Engine that takes advantage of the elastic nature of cloud computing. How can you work with Infrastructure Operations Engineers to best ensure that Windows Compute Engine VMs are up to date with all the latest OS patches?A . Build new base images when...
What should you do?
Your company is using Cloud Dataproc for its Spark and Hadoop jobs. You want to be able to create, rotate, and destroy symmetric encryption keys used for the persistent disks used by Cloud Dataproc. Keys can be stored in the cloud. What should you do?A . Use the Cloud Key...
Which type of access should your team grant to meet this requirement?
A business unit at a multinational corporation signs up for GCP and starts moving workloads into GCP. The business unit creates a Cloud Identity domain with an organizational resource that has hundreds of projects. Your team becomes aware of this and wants to take over managing permissions and auditing the...
When creating a secure container image, which two items should you incorporate into the build if possible? (Choose two.)
When creating a secure container image, which two items should you incorporate into the build if possible? (Choose two.)A . Ensure that the app does not run as PID 1.B . Package a single app as a container.C . Remove any unnecessary tools not needed by the app.D . Use...
