Join the discussion
Question 53/121
A company is running workloads in a dedicated server room. They must only be accessed from within the private company network. You need to connect to these workloads from Compute Engine instances within a Google Cloud Platform project.
Which two approaches can you take to meet the requirements? (Choose two.)
Which two approaches can you take to meet the requirements? (Choose two.)
Correct Answer: A,C
Add Comments
- Other Question (121q)
- Q1. Your team needs to make sure that a Compute Engine instance does not have access to the in...
- Q2. An organization is evaluating the use of Google Cloud Platform (GCP) for certain IT worklo...
- Q3. A patch for a vulnerability has been released, and a DevOps team needs to update their run...
- Q4. How should a customer reliably deliver Stackdriver logs from GCP to their on-premises SIEM...
- Q5. You are creating an internal App Engine application that needs to access a user's Google D...
- Q6. An application running on a Compute Engine instance needs to read data from a Cloud Storag...
- Q7. When creating a secure container image, which two items should you incorporate into the bu...
- Q8. You need to set up two network segments: one with an untrusted subnet and the other with a...
- Q9. A customer needs to launch a 3-tier internal web application on Google Cloud Platform (GCP...
- Q10. A business unit at a multinational corporation signs up for GCP and starts moving workload...
- Q11. A company's application is deployed with a user-managed Service Account key. You want to u...
- Q12. What are the steps to encrypt data using envelope encryption?...
- Q13. Your team needs to make sure that a Compute Engine instance does not have access to the in...
- Q14. Your customer is moving their corporate applications to Google Cloud Platform. The securit...
- Q15. Your company wants to collect and analyze CVE information for packages in container images...
- Q16. Your team sets up a Shared VPC Network where project co-vpc-prod is the host project. Your...
- Q17. Applications often require access to "secrets" -small pieces of sensitive data at build or...
- Q18. Which international compliance standard provides guidelines for information security contr...
- Q19. A patch for a vulnerability has been released, and a DevOps team needs to update their run...
- Q20. You are troubleshooting access denied errors between Compute Engine instances connected to...
- Q21. A customer deploys an application to App Engine and needs to check for Open Web Applicatio...
- Q22. A company is running workloads in a dedicated server room. They must only be accessed from...
- Q23. What are the steps to encrypt data using envelope encryption?...
- Q24. You are a security administrator at your company. Per Google-recommended best practices, y...
- Q25. You are a member of the security team at an organization. Your team has a single GCP proje...
- Q26. You want to limit the images that can be used as the source for boot disks. These images w...
- Q27. You need to provide a corporate user account in Google Cloud for each of your developers a...
- Q28. Your team wants to centrally manage GCP IAM permissions from their on-premises Active Dire...
- Q29. You need to enable VPC Service Controls and allow changes to perimeters in existing enviro...
- Q30. A company has been running their application on Compute Engine. A bug in the application a...
- Q31. Your company is deploying their applications on Google Kubernetes Engine. You want to foll...
- Q32. You are responsible for protecting highly sensitive data in BigQuery. Your operations team...
- Q33. A customer is running an analytics workload on Google Cloud Platform (GCP) where Compute E...
- Q34. You are exporting application logs to Cloud Storage. You encounter an error message that t...
- Q35. In a shared security responsibility model for IaaS, which two layers of the stack does the...
- Q36. A company is deploying their application on Google Cloud Platform. Company policy requires...
- Q37. An organization's typical network and security review consists of analyzing application tr...
- Q38. When working with agents in a support center via online chat, an organization's customers ...
- Q39. Your team wants to centrally manage GCP IAM permissions from their on-premises Active Dire...
- Q40. A DevOps team will create a new container to run on Google Kubernetes Engine. As the appli...
- Q41. You want to evaluate GCP for PCI compliance. You need to identify Google's inherent contro...
- Q42. You want to limit the images that can be used as the source for boot disks. These images w...
- Q43. An organization receives an increasing number of phishing emails. Which method should be u...
- Q44. You want to evaluate GCP for PCI compliance. You need to identify Google's inherent contro...
- Q45. A company has been running their application on Compute Engine. A bug in the application a...
- Q46. A company has been running their application on Compute Engine. A bug in the application a...
- Q47. A customer needs to rely on their existing user directory with the requirements of native ...
- Q48. Applications often require access to "secrets" - small pieces of sensitive data at build o...
- Q49. Your company is storing sensitive data in Cloud Storage. You want a key generated on-premi...
- Q50. You plan to use a Google Cloud Armor policy to prevent common attacks such as cross-site s...
- Q51. A customer implements Cloud Identity-Aware Proxy for their ERP system hosted on Compute En...
- Q52. Your company is storing files on Cloud Storage. To comply with local regulations, you want...
- Q53. A company is running workloads in a dedicated server room. They must only be accessed from...
- Q54. A customer wants to use Cloud Identity as their primary IdP. The customer wants to use oth...
- Q55. An employer wants to track how bonus compensations have changed over time to identify empl...
- Q56. You will create a new Service Account that should be able to list the Compute Engine insta...
- Q57. An organization is starting to move its infrastructure from its on-premises environment to...
- Q58. Which two implied firewall rules are defined on a VPC network? (Choose two.)...
- Q59. A customer wants to make it convenient for their mobile workforce to access a CRM web inte...
- Q60. An employer wants to track how bonus compensations have changed over time to identify empl...
- Q61. A customer's company has multiple business units. Each business unit operates independentl...
- Q62. Your team sets up a Shared VPC Network where project co-vpc-prod is the host project. Your...
- Q63. A customer wants to make it convenient for their mobile workforce to access a CRM web inte...
- Q64. A customer wants to make it convenient for their mobile workforce to access a CRM web inte...
- Q65. A retail customer allows users to upload comments and product reviews. The customer needs ...
- Q66. Your organization has had a few recent DDoS attacks. You need to authenticate responses to...
- Q67. A customer's internal security team must manage its own encryption keys for encrypting dat...
- Q68. A customer's data science group wants to use Google Cloud Platform (GCP) for their analyti...
- Q69. You need to set up a Cloud interconnect connection between your company's on-premises data...
- Q70. You want to prevent users from accidentally deleting a Shared VPC host project. Which orga...
- Q71. Applications often require access to "secrets" - small pieces of sensitive data at build o...
- Q72. Last week, a company deployed a new App Engine application that writes logs to BigQuery. N...
- Q73. Which two implied firewall rules are defined on a VPC network? (Choose two.)...
- Q74. A company has redundant mail servers in different Google Cloud Platform regions and wants ...
- Q75. Which type of load balancer should you use to maintain client IP by default while using th...
- Q76. You are the security admin of your company. You have 3,000 objects in your Cloud Storage b...
- Q77. Your Security team believes that a former employee of your company gained unauthorized acc...
- Q78. You are asked to recommend a solution to store and retrieve sensitive configuration data f...
- Q79. You recently joined the networking team supporting your company's Google Cloud implementat...
- Q80. Your team wants to make sure Compute Engine instances running in your production project d...
- Q81. A manager wants to start retaining security event logs for 2 years while minimizing costs....
- Q82. Your team needs to make sure that a Compute Engine instance does not have access to the in...
- Q83. You are part of a security team investigating a compromised service account key. You need ...
- Q84. Your organization acquired a new workload. The Web and Application (App) servers will be r...
- Q85. Your company is using GSuite and has developed an application meant for internal usage on ...
- Q86. You need to connect your organization's on-premises network with an existing Google Cloud ...
- Q87. Last week, a company deployed a new App Engine application that writes logs to BigQuery. N...
- Q88. While migrating your organization's infrastructure to GCP, a large number of users will ne...
- Q89. What are the steps to encrypt data using envelope encryption?...
- Q90. An organization is evaluating the use of Google Cloud Platform (GCP) for certain IT worklo...
- Q91. A large financial institution is moving its Big Data analytics to Google Cloud Platform. T...
- Q92. A company allows every employee to use Google Cloud Platform. Each department has a Google...
- Q93. Your team needs to obtain a unified log view of all development cloud projects in your SIE...
- Q94. Your organization recently deployed a new application on Google Kubernetes Engine. You nee...
- Q95. A customer is collaborating with another company to build an application on Compute Engine...
- Q96. Your team needs to configure their Google Cloud Platform (GCP) environment so they can cen...
- Q97. A company has been running their application on Compute Engine. A bug in the application a...
- Q98. As adoption of the Cloud Data Loss Prevention (DLP) API grows within the company, you need...
- Q99. A retail customer allows users to upload comments and product reviews. The customer needs ...
- Q100. A company's application is deployed with a user-managed Service Account key. You want to u...
- Q101. A customer has 300 engineers. The company wants to grant different levels of access and ef...
- Q102. Your company wants to determine what products they can build to help customers improve the...
- Q103. A DevOps team will create a new container to run on Google Kubernetes Engine. As the appli...
- Q104. You are on your company's development team. You noticed that your web application hosted i...
- Q105. An organization's security and risk management teams are concerned about where their respo...
- Q106. You are in charge of migrating a legacy application from your company datacenters to GCP b...
- Q107. Your team wants to make sure Compute Engine instances running in your production project d...
- Q108. A DevOps team will create a new container to run on Google Kubernetes Engine. As the appli...
- Q109. An organization is starting to move its infrastructure from its on-premises environment to...
- Q110. As adoption of the Cloud Data Loss Prevention (DLP) API grows within the company, you need...
- Q111. You are a member of the security team at an organization. Your team has a single GCP proje...
- Q112. Your team sets up a Shared VPC Network where project co-vpc-prod is the host project. Your...
- Q113. A company is running workloads in a dedicated server room. They must only be accessed from...
- Q114. You want data on Compute Engine disks to be encrypted at rest with keys managed by Cloud K...
- Q115. A security team at an e-commerce company wants to define an automatic incident response pr...
- Q116. While migrating your organization's infrastructure to GCP, a large number of users will ne...
- Q117. Your company has deployed an application on Compute Engine. The application is accessible ...
- Q118. A customer wants to move their sensitive workloads to a Compute Engine-based cluster using...
- Q119. An organization is evaluating the use of Google Cloud Platform (GCP) for certain IT worklo...
- Q120. You are in charge of migrating a legacy application from your company datacenters to GCP b...
- Q121. You have an application where the frontend is deployed on a managed instance group in subn...
[×]
Download PDF File
Enter your email address to download Google.Professional-Cloud-Security-Engineer.v2022-07-24.q121.pdf