ExamGecko
Ask Question

Google Professional Cloud Security Engineer Practice Test - Questions Answers, Page 23

List of questions

Question 221

Report
Export
Collapse

Your company conducts clinical trials and needs to analyze the results of a recent study that are stored in BigQuery. The interval when the medicine was taken contains start and stop dates The interval data is critical to the analysis, but specific dates may identify a particular batch and introduce bias You need to obfuscate the start and end dates for each row and preserve the interval data.

What should you do?

Become a Premium Member for full access
  Unlock Premium Member

Question 222

Report
Export
Collapse

You are setting up a new Cloud Storage bucket in your environment that is encrypted with a customer managed encryption key (CMEK). The CMEK is stored in Cloud Key Management Service (KMS). in project 'pr j -a', and the Cloud Storage bucket will use project 'prj-b'. The key is backed by a Cloud Hardware Security Module (HSM) and resides in the region europe-west3. Your storage bucket will be located in the region europe-west1. When you create the bucket, you cannot access the key. and you need to troubleshoot why.

What has caused the access issue?

Become a Premium Member for full access
  Unlock Premium Member

Question 223

Report
Export
Collapse

You are deploying regulated workloads on Google Cloud. The regulation has data residency and data access requirements. It also requires that support is provided from the same geographical location as where the data resides.

What should you do?

Become a Premium Member for full access
  Unlock Premium Member

Question 224

Report
Export
Collapse

You are migrating an application into the cloud The application will need to read data from a Cloud Storage bucket. Due to local regulatory requirements, you need to hold the key material used for encryption fully under your control and you require a valid rationale for accessing the key material.

What should you do?

Become a Premium Member for full access
  Unlock Premium Member

Question 225

Report
Export
Collapse

Your organization develops software involved in many open source projects and is concerned about software supply chain threats You need to deliver provenance for the build to demonstrate the software is untampered.

What should you do?

Become a Premium Member for full access
  Unlock Premium Member

Question 226

Report
Export
Collapse

You control network traffic for a folder in your Google Cloud environment. Your folder includes multiple projects and Virtual Private Cloud (VPC) networks You want to enforce on the folder level that egress connections are limited only to IP range 10.58.5.0/24 and only from the VPC network dev-vpc.' You want to minimize implementation and maintenance effort

What should you do?

Become a Premium Member for full access
  Unlock Premium Member

Question 227

Report
Export
Collapse

Your Google Cloud environment has one organization node, one folder named Apps.' and several projects within that folder The organizational node enforces the constraints/iam.allowedPolicyMemberDomains organization policy, which allows members from the terramearth.com organization The 'Apps' folder enforces the constraints/iam.allowedPolicyMemberDomains organization policy, which allows members from the flowlogistic.com organization. It also has the inheritFromParent: false property.

You attempt to grant access to a project in the Apps folder to the user [email protected].

What is the result of your action and why?

Become a Premium Member for full access
  Unlock Premium Member

Question 228

Report
Export
Collapse

You manage a fleet of virtual machines (VMs) in your organization. You have encountered issues with lack of patching in many VMs. You need to automate regular patching in your VMs and view the patch management data across multiple projects.

What should you do?

Choose 2 answers

Become a Premium Member for full access
  Unlock Premium Member

Question 229

Report
Export
Collapse

Employees at your company use their personal computers to access your organization s Google Cloud console. You need to ensure that users can only access the Google Cloud console from their corporate-issued devices and verify that they have a valid enterprise certificate

What should you do?

Become a Premium Member for full access
  Unlock Premium Member

Question 230

Report
Export
Collapse

You are developing a new application that uses exclusively Compute Engine VMs Once a day. this application will execute five different batch jobs Each of the batch jobs requires a dedicated set of permissions on Google Cloud resources outside of your application. You need to design a secure access concept for the batch jobs that adheres to the least-privilege principle

What should you do?

Become a Premium Member for full access
  Unlock Premium Member
Total 235 questions
Go to page: of 24
Search

Related questions