- All Exams Instant Download
What product should you recommend to detect firewall rules that are overlapped by attributes from other firewall rules with higher or equal priority?
You recently joined the networking team supporting your company's Google Cloud implementation. You are tasked with familiarizing yourself with the firewall rules configuration and providing recommendations based on your networking and Google Cloud experience . What product should you recommend to detect firewall rules that are overlapped by attributes from...
Which solution should you use?
Your organization recently deployed a new application on Google Kubernetes Engine. You need to deploy a solution to protect the application. The solution has the following requirements: Scans must run at least once per week Must be able to detect cross-site scripting vulnerabilities Must be able to authenticate using Google...
Which type of load balancer should you use to maintain client IP by default while using the standard network tier?
Which type of load balancer should you use to maintain client IP by default while using the standard network tier?A . SSL ProxyB . TCP ProxyC . Internal TCP/UDPD . TCP/UDP NetworkView AnswerAnswer: C Explanation: Reference: https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_forw arding_rule
Which GCP solution should the organization use?
An organization is starting to move its infrastructure from its on-premises environment to Google Cloud Platform (GCP). The first step the organization wants to take is to migrate its current data backup and disaster recovery solutions to GCP for later analysis. The organization’s production environment will remain on- premises for...
Which option meets the requirement of your team?
An application running on a Compute Engine instance needs to read data from a Cloud Storage bucket. Your team does not allow Cloud Storage buckets to be globally readable and wants to ensure the principle of least privilege. Which option meets the requirement of your team?A . Create a Cloud...
Which type of load balancer should you use to maintain client IP by default while using the standard network tier?
Which type of load balancer should you use to maintain client IP by default while using the standard network tier?A . SSL ProxyB . TCP ProxyC . Internal TCP/UDPD . TCP/UDP NetworkView AnswerAnswer: C Explanation: Reference: https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_forw arding_rule
What should you do?
You need to follow Google-recommended practices to leverage envelope encryption and encrypt data at the application layer. What should you do?A . Generate a data encryption key (DEK) locally to encrypt the data, and generate a new key encryption key (KEK) in Cloud KMS to encrypt the DEB . Store...
In a shared security responsibility model for IaaS, which two layers of the stack does the customer share responsibility for? (Choose two.)
In a shared security responsibility model for IaaS, which two layers of the stack does the customer share responsibility for? (Choose two.)A . HardwareB . Network SecurityC . Storage EncryptionD . Access PoliciesE . BootView AnswerAnswer: C,D
Which two steps should the company take to meet these requirements?
A customer has 300 engineers. The company wants to grant different levels of access and efficiently manage IAM permissions between users in the development and production environment projects. Which two steps should the company take to meet these requirements? (Choose two.)A . Create a project with multiple VPC networks for...
What should you do?
You will create a new Service Account that should be able to list the Compute Engine instances in the project. You want to follow Google-recommended practices. What should you do?A . Create an Instance Template, and allow the Service Account Read Only access for the Compute Engine Access Scope.B ....
