Which Google Cloud service should you use?
Your organization has had a few recent DDoS attacks. You need to authenticate responses to domain name lookups. Which Google Cloud service should you use?A . Cloud DNS with DNSSEC B. Cloud NAT C. HTTP(S) Load Balancing D. Google Cloud ArmorView AnswerAnswer: A Explanation: Reference: https://developers.google.com/speed/public-dns/faq
How should you accomplish this?
You are setting up a CI/CD pipeline to deploy containerized applications to your production clusters on Google Kubernetes Engine (GKE). You need to prevent containers with known vulnerabilities from being deployed. You have the following requirements for your solution: Must be cloud-native Must be cost-efficient Minimize operational overhead How should...
Which two actions should you take when creating the super administrator accounts?
You are in charge of creating a new Google Cloud organization for your company. Which two actions should you take when creating the super administrator accounts? (Choose two.)A . Create an access level in the Google Admin console to prevent super admin from logging in to Google Cloud. B. Disable...
What should you do?
You are part of a security team investigating a compromised service account key. You need to audit which new resources were created by the service account. What should you do?A . Query Data Access logs. B. Query Admin Activity logs. C. Query Access Transparency logs. D. Query Stackdriver Monitoring Workspace.View...
What should you do?
You work for an organization in a regulated industry that has strict data protection requirements. The organization backs up their data in the cloud. To comply with data privacy regulations, this data can only be stored for a specific length of time and must be deleted after this specific period....
How should the customer achieve this using Google Cloud Platform?
A customer needs an alternative to storing their plain text secrets in their source-code management (SCM) system. How should the customer achieve this using Google Cloud Platform?A . Use Cloud Source Repositories, and store secrets in Cloud SQL. B. Encrypt the secrets with a Customer-Managed Encryption Key (CMEK), and store...
Configure private access using the restricted.googleapis.com domains in on-premises DNS configurations.
Configure private access using the restricted.googleapis.com domains in on-premises DNS configurations.View AnswerAnswer: C
What should you do?
You are troubleshooting access denied errors between Compute Engine instances connected to a Shared VPC and BigQuery datasets. The datasets reside in a project protected by a VPC Service Controls perimeter. What should you do?A . Add the host project containing the Shared VPC to the service perimeter. B. Add...
Which strategy should you use to meet these needs?
A customer’s company has multiple business units. Each business unit operates independently, and each has their own engineering group. Your team wants visibility into all projects created within the company and wants to organize their Google Cloud Platform (GCP) projects based on different business units. Each business unit also requires...
How should you accomplish this?
You are setting up a CI/CD pipeline to deploy containerized applications to your production clusters on Google Kubernetes Engine (GKE). You need to prevent containers with known vulnerabilities from being deployed. You have the following requirements for your solution: Must be cloud-native Must be cost-efficient Minimize operational overhead How should...