- All Exams Instant Download
What should the customer do to meet these requirements?
A customer implements Cloud Identity-Aware Proxy for their ERP system hosted on Compute Engine. Their security team wants to add a security layer so that the ERP systems only accept traffic from Cloud Identity- Aware Proxy. What should the customer do to meet these requirements?A . Make sure that the...
What should you do?
You want to limit the images that can be used as the source for boot disks. These images will be stored in a dedicated project. What should you do?A . Use the Organization Policy Service to create a compute.trustedimageProjects constraint on the organization level. List the trusted project as the...
Which GCP product should the customer implement to meet these requirements?
A customer wants to make it convenient for their mobile workforce to access a CRM web interface that is hosted on Google Cloud Platform (GCP). The CRM can only be accessed by someone on the corporate network. The customer wants to make it available over the internet. Your team requires...
What should the customer do?
A customer terminates an engineer and needs to make sure the engineer's Google account is automatically deprovisioned. What should the customer do?A . Use the Cloud SDK with their directory service to remove their IAM permissions in Cloud Identity.B . Use the Cloud SDK with their directory service to provision...
Which product should be used to meet these requirements?
A customer needs to launch a 3-tier internal web application on Google Cloud Platform (GCP). The customer’s internal compliance requirements dictate that end-user access may only be allowed if the traffic seems to originate from a specific known good CIDR. The customer accepts the risk that their application will only...
What should you do?
You are a member of the security team at an organization. Your team has a single GCP project with credit card payment processing systems alongside web applications and data processing systems. You want to reduce the scope of systems subject to PCI audit standards. What should you do?A . Use...
What should you do?
Your company is storing sensitive data in Cloud Storage. You want a key generated on-premises to be used in the encryption process. What should you do?A . Use the Cloud Key Management Service to manage a data encryption key (DEK).B . Use the Cloud Key Management Service to manage a...
Which two implied firewall rules are defined on a VPC network? (Choose two.)
Which two implied firewall rules are defined on a VPC network? (Choose two.)A . A rule that allows all outbound connectionsB . A rule that denies all inbound connectionsC . A rule that blocks all inbound port 25 connectionsD . A rule that blocks all outbound connectionsE . A rule...
Process Cloud Storage objects in SIEM.
Process Cloud Storage objects in SIEM.View AnswerAnswer: C Explanation: "Your team needs to obtain a unified log view of all development cloud projects in your SIEM" - This means we are ONLY interested in development projects. "The development projects are under the NONPROD organization folder with the test and pre-production...
Which cost reduction options should you recommend?
As adoption of the Cloud Data Loss Prevention (DLP) API grows within the company, you need to optimize usage to reduce cost. DLP target data is stored in Cloud Storage and BigQuery. The location and region are identified as a suffix in the resource name. Which cost reduction options should...
