ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 163 - Professional Cloud DevOps Engineer discussion

Report
Export

Your company operates in a highly regulated domain. Your security team requires that only trusted container images can be deployed to Google Kubernetes Engine (GKE). You need to implement a solution that meets the requirements of the security team, while minimizing management overhead. What should you do?

A.
Grant the roles/artifactregistry. writer role to the Cloud Build service account. Confirm that no employee has Artifact Registry write permission.
Answers
A.
Grant the roles/artifactregistry. writer role to the Cloud Build service account. Confirm that no employee has Artifact Registry write permission.
B.
Use Cloud Run to write and deploy a custom validator Enable an Eventarc trigger to perform validations when new images are uploaded.
Answers
B.
Use Cloud Run to write and deploy a custom validator Enable an Eventarc trigger to perform validations when new images are uploaded.
C.
Configure Kritis to run in your GKE clusters to enforce deploy-time security policies.
Answers
C.
Configure Kritis to run in your GKE clusters to enforce deploy-time security policies.
D.
Configure Binary Authorization in your GKE clusters to enforce deploy-time security policies
Answers
D.
Configure Binary Authorization in your GKE clusters to enforce deploy-time security policies
Suggested answer: D
asked 18/09/2024
Tomas Ojeda
41 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first