- All Exams Instant Download
What should you do?
You are responsible for protecting highly sensitive data in BigQuery. Your operations teams need access to this data, but given privacy regulations, you want to ensure that they cannot read the sensitive fields such as email addresses and first names. These specific sensitive fields should only be available on a...
What should you do?
You want data on Compute Engine disks to be encrypted at rest with keys managed by Cloud Key Management Service (KMS). Cloud Identity and Access Management (IAM) permissions to these keys must be managed in a grouped way because the permissions should be the same for all keys. What should...
Which SCC service should you use?
You are using Security Command Center (SCC) to protect your workloads and receive alerts for suspected security breaches at your company. You need to detect cryptocurrency mining software. Which SCC service should you use?A . Container Threat DetectionB . Web Security ScannerC . Rapid Vulnerability DetectionD . Virtual Machine Threat...
What could have caused this alert?
You define central security controls in your Google Cloud environment for one of the folders in your organization you set an organizational policy to deny the assignment of external IP addresses to VMs. Two days later you receive an alert about a new VM with an external IP address under...
What could have caused this alert?
You define central security controls in your Google Cloud environment for one of the folders in your organization you set an organizational policy to deny the assignment of external IP addresses to VMs. Two days later you receive an alert about a new VM with an external IP address under...
What should you do?
Your organization’s Google Cloud VMs are deployed via an instance template that configures them with a public IP address in order to host web services for external users. The VMs reside in a service project that is attached to a host (VPC) project containing one custom Shared VPC for the...
What should you do?
You need to implement an encryption-at-rest strategy that protects sensitive data and reduces key management complexity for non-sensitive data. Your solution has the following requirements: ✑ Schedule key rotation for sensitive data. ✑ Control which region the encryption keys for sensitive data are stored in. ✑ Minimize the latency to...
What should you do?
You are responsible for protecting highly sensitive data in BigQuery. Your operations teams need access to this data, but given privacy regulations, you want to ensure that they cannot read the sensitive fields such as email addresses and first names. These specific sensitive fields should only be available on a...
What could have caused this alert?
You define central security controls in your Google Cloud environment for one of the folders in your organization you set an organizational policy to deny the assignment of external IP addresses to VMs. Two days later you receive an alert about a new VM with an external IP address under...
Which document should you review to find the information?
You want to evaluate GCP for PCI compliance. You need to identify Google’s inherent controls. Which document should you review to find the information?A . Google Cloud Platform: Customer Responsibility MatrixB . PCI DSS Requirements and Security Assessment ProceduresC . PCI SSC Cloud Computing GuidelinesD . Product documentation for Compute...
