- All Exams Instant Download
What should you do?
A company has been running their application on Compute Engine. A bug in the application allowed a malicious user to repeatedly execute a script that results in the Compute Engine instance crashing. Although the bug has been fixed, you want to get notified in case this hack re-occurs. What should...
Which two implied firewall rules are defined on a VPC network? (Choose two.)
Which two implied firewall rules are defined on a VPC network? (Choose two.)A . A rule that allows all outbound connectionsB . A rule that denies all inbound connectionsC . A rule that blocks all inbound port 25 connectionsD . A rule that blocks all outbound connectionsE . A rule...
What should your team do to meet these requirements?
Your team wants to centrally manage GCP IAM permissions from their on-premises Active Directory Service. Your team wants to manage permissions by AD group membership. What should your team do to meet these requirements?A . Set up Cloud Directory Sync to sync groups, and set IAM permissions on the groups.B...
What should you do?
You need to follow Google-recommended practices to leverage envelope encryption and encrypt data at the application layer. What should you do?A . Generate a data encryption key (DEK) locally to encrypt the data, and generate a new key encryption key (KEK) in Cloud KMS to encrypt the DEB . Store...
Which recommendation should an architect make to the client?
An Adobe Target client recently acquired Audience Manager to manage and activate its audiences in the targeting platforms including Adobe Target. The client is planning to implement Experience Cloud ID service in the next 6 months. The client would like to share the audiences with Adobe Target for an onsite...
Which solution should this customer use?
A customer needs to prevent attackers from hijacking their domain/IP and redirecting users to a malicious site through a man-in-the-middle attack. Which solution should this customer use?A . VPC Flow LogsB . Cloud ArmorC . DNS Security ExtensionsD . Cloud Identity-Aware ProxyView AnswerAnswer: C Explanation: Reference: https://cloud.google.com/blog/products/gcp/dnssec-now-available-in-cloud-dns
Which two settings must remain disabled to meet these requirements?
Your team needs to make sure that a Compute Engine instance does not have access to the internet or to any Google APIs or services. Which two settings must remain disabled to meet these requirements? (Choose two.)A . Public IPB . IP ForwardingC . Private Google AccessD . Static routesE...
