Which method should be used to protect employee credentials in this situation?
An organization receives an increasing number of phishing emails. Which method should be used to protect employee credentials in this situation?A . Multifactor AuthenticationB . A strict password policyC . Captcha on login pagesD . Encrypted emailsView AnswerAnswer: A Explanation: https://cloud.google.com/blog/products/g-suite/7-ways-admins-can-help-secure-accounts-against-phishing-g-suite https://www.duocircle.com/content/email-security-services/email-security-in- cryptography#:~:text=Customer%20Login- ,Email%20Security%20In%20Cryptography%20Is%20One%20Of%20The%20Most,Measures%20To%20Prevent%20Phishing%20Attempts&text=Cybercriminals%20love%20emails%20the%20most,networks%20all%20over%20the%20world.
What should you do?
A company has been running their application on Compute Engine. A bug in the application allowed a malicious user to repeatedly execute a script that results in the Compute Engine instance crashing. Although the bug has been fixed, you want to get notified in case this hack re-occurs. What should...
In a shared security responsibility model for IaaS, which two layers of the stack does the customer share responsibility for? (Choose two.)
In a shared security responsibility model for IaaS, which two layers of the stack does the customer share responsibility for? (Choose two.)A . HardwareB . Network SecurityC . Storage EncryptionD . Access PoliciesE . BootView AnswerAnswer: BD Explanation: https://cloud.google.com/blog/products/containers-kubernetes/exploring-container-security-the-shared-responsibility-model-in-gke-container-security-shared-responsibility-model-gke
What should you do?
Your company is storing sensitive data in Cloud Storage. You want a key generated on-premises to be used in the encryption process. What should you do?A . Use the Cloud Key Management Service to manage a data encryption key (DEK).B . Use the Cloud Key Management Service to manage a...
Which connectivity option should be implemented?
A customer is collaborating with another company to build an application on Compute Engine. The customer is building the application tier in their GCP Organization, and the other company is building the storage tier in a different GCP Organization. This is a 3-tier web application. Communication between portions of the...
Which two settings must remain disabled to meet these requirements?
Your team needs to make sure that a Compute Engine instance does not have access to the internet or to any Google APIs or services. Which two settings must remain disabled to meet these requirements? (Choose two.)A . Public IPB . IP ForwardingC . Private Google AccessD . Static routesE...
What should you do?
You are the security admin of your company. Your development team creates multiple GCP projects under the "implementation" folder for several dev, staging, and production workloads. You want to prevent data exfiltration by malicious insiders or compromised code by setting up a security perimeter. However, you do not want to...
Which two security characteristics are related to the use of VPC peering to connect two VPC networks? (Choose two.)
Which two security characteristics are related to the use of VPC peering to connect two VPC networks? (Choose two.)A . Central management of routes, firewalls, and VPNs for peered networksB . Non-transitive peered networks; where only directly peered networks can communicateC . Ability to peer networks that belong to different...
What should they do?
A large e-retailer is moving to Google Cloud Platform with its ecommerce website. The company wants to ensure payment information is encrypted between the customer’s browser and GCP when the customers checkout online. What should they do?A . Configure an SSL Certificate on an L7 Load Balancer and require encryption.B...
What should you do?
A company is backing up application logs to a Cloud Storage bucket shared with both analysts and the administrator. Analysts should only have access to logs that do not contain any personally identifiable information (PII). Log files containing PII should be stored in another bucket that is only accessible by...