[Dec 09, 2023] Google Professional-Cloud-Security-Engineer Exam Dumps Files, Q1/174: You are a member of the security team at an organization. Your team has a single GCP project with credit

Join the discussion

Question 1/174

You are a member of the security team at an organization. Your team has a single GCP project with credit card payment processing systems alongside web applications and data processing systems. You want to reduce the scope of systems subject to PCI audit standards.
What should you do?

A. Move the cardholder data environment into a separate GCP project.

B. Use only applications certified compliant with PA-DSS.

C. Use multi-factor authentication for admin access to the web application.

D. Use VPN for all connections between your office and cloud environments.

Add Comments

Other Question (174q): Q1. You are a member of the security team at an organization. Your team has a single GCP proje...; Q2. You are the security admin of your company. Your development team creates multiple GCP pro...; Q3. A company's application is deployed with a user-managed Service Account key. You want to u...; Q4. You are consulting with a client that requires end-to-end encryption of application data (...; Q5. An organization receives an increasing number of phishing emails. Which method should be u...; Q6. A customer wants to deploy a large number of 3-tier web applications on Compute Engine. Ho...; Q7. Your organization has had a few recent DDoS attacks. You need to authenticate responses to...; Q8. You need to provide a corporate user account in Google Cloud for each of your developers a...; Q9. Your company's new CEO recently sold two of the company's divisions. Your Director asks yo...; Q10. You need to use Cloud External Key Manager to create an encryption key to encrypt specific...; Q11. You are a Security Administrator at your organization. You need to restrict service accoun...; Q12. You need to implement an encryption-at-rest strategy that protects sensitive data and redu...; Q13. You have created an OS image that is hardened per your organization's security standards a...; Q14. You are in charge of migrating a legacy application from your company datacenters to GCP b...; Q15. You perform a security assessment on a customer architecture and discover that multiple VM...; Q16. You discovered that sensitive personally identifiable information (PII) is being ingested ...; Q17. Your organization acquired a new workload. The Web and Application (App) servers will be r...; Q18. As adoption of the Cloud Data Loss Prevention (DLP) API grows within the company, you need...; Q19. A customer is running an analytics workload on Google Cloud Platform (GCP) where Compute E...; Q20. Your team sets up a Shared VPC Network where project co-vpc-prod is the host project. Your...; Q21. An organization is starting to move its infrastructure from its on-premises environment to...; Q22. You will create a new Service Account that should be able to list the Compute Engine insta...; Q23. Your team needs to make sure that their backend database can only be accessed by the front...; Q24. You need to enforce a security policy in your Google Cloud organization that prevents user...; Q25. A customer wants to run a batch processing system on VMs and store the output files in a C...; Q26. You are creating a new infrastructure CI/CD pipeline to deploy hundreds of ephemeral proje...; Q27. You have the following resource hierarchy. There is an organization policy at each node in...; Q28. A large e-retailer is moving to Google Cloud Platform with its ecommerce website. The comp...; Q29. A company allows every employee to use Google Cloud Platform. Each department has a Google...; Q30. When working with agents in a support center via online chat, an organization's customers ...; Q31. You are tasked with exporting and auditing security logs for login activity events for Goo...; Q32. You are the Security Admin in your company. You want to synchronize all security groups th...; Q33. A large financial institution is moving its Big Data analytics to Google Cloud Platform. T...; Q34. A customer needs to prevent attackers from hijacking their domain/IP and redirecting users...; Q35. What are the steps to encrypt data using envelope encryption?...; Q36. A company is running workloads in a dedicated server room. They must only be accessed from...; Q37. Your company requires the security and network engineering teams to identify all network a...; Q38. A customer wants to run a batch processing system on VMs and store the output files in a C...; Q39. A customer wants to deploy a large number of 3-tier web applications on Compute Engine. Ho...; Q40. An application running on a Compute Engine instance needs to read data from a Cloud Storag...; Q41. An employer wants to track how bonus compensations have changed over time to identify empl...; Q42. You manage your organization's Security Operations Center (SOC). You currently monitor and...; Q43. Your team wants to limit users with administrative privileges at the organization level. W...; Q44. A website design company recently migrated all customer sites to App Engine. Some sites ar...; Q45. Your company's chief information security officer (CISO) is requiring business data to be ...; Q46. An organization is moving applications to Google Cloud while maintaining a few mission-cri...; Q47. An organization is migrating from their current on-premises productivity software systems ...; Q48. An organization is evaluating the use of Google Cloud Platform (GCP) for certain IT worklo...; Q49. You are responsible for protecting highly sensitive data in BigQuery. Your operations team...; Q50. Your team wants to centrally manage GCP IAM permissions from their on-premises Active Dire...; Q51. You want data on Compute Engine disks to be encrypted at rest with keys managed by Cloud K...; Q52. You have numerous private virtual machines on Google Cloud. You occasionally need to manag...; Q53. Your company's chief information security officer (CISO) is requiring business data to be ...; Q54. Your security team wants to implement a defense-in-depth approach to protect sensitive dat...; Q55. When working with agents in a support center via online chat, an organization's customers ...; Q56. Your team wants to centrally manage GCP IAM permissions from their on-premises Active Dire...; Q57. Your company is storing sensitive data in Cloud Storage. You want a key generated on-premi...; Q58. You have defined subnets in a VPC within Google Cloud Platform. You need multiple projects...; Q59. A customer implements Cloud Identity-Aware Proxy for their ERP system hosted on Compute En...; Q60. A patch for a vulnerability has been released, and a DevOps team needs to update their run...; Q61. An organization recently began using App Engine to build and host its new web application ...; Q62. You are responsible for protecting highly sensitive data in BigQuery. Your operations team...; Q63. Your company is storing sensitive data in Cloud Storage. You want a key generated on-premi...; Q64. Applications often require access to "secrets" -small pieces of sensitive data at build or...; Q65. A customer wants to grant access to their application running on Compute Engine to write o...; Q66. You are part of a security team investigating a compromised service account key. You need ...; Q67. An organization is evaluating the use of Google Cloud Platform (GCP) for certain IT worklo...; Q68. You need to create a VPC that enables your security team to control network resources such...; Q69. A company has been running their application on Compute Engine. A bug in the application a...; Q70. Your company is storing sensitive data in Cloud Storage. You want a key generated on-premi...; Q71. Which international compliance standard provides guidelines for information security contr...; Q72. You are the security admin of your company. You have 3,000 objects in your Cloud Storage b...; Q73. You are a security engineer at a finance company. Your organization plans to store data on...; Q74. You are on your company's development team. You noticed that your web application hosted i...; Q75. You are part of a security team that wants to ensure that a Cloud Storage bucket in Projec...; Q76. A company is running workloads in a dedicated server room. They must only be accessed from...; Q77. You want to evaluate GCP for PCI compliance. You need to identify Google's inherent contro...; Q78. How should a customer reliably deliver Stackdriver logs from GCP to their on-premises SIEM...; Q79. You want to evaluate GCP for PCI compliance. You need to identify Google's inherent contro...; Q80. A customer's data science group wants to use Google Cloud Platform (GCP) for their analyti...; Q81. A security team at an e-commerce company wants to define an automatic incident response pr...; Q82. Your company's Chief Information Security Officer (CISO) creates a requirement that busine...; Q83. A customer deploys an application to App Engine and needs to check for Open Web Applicatio...; Q84. You want to evaluate GCP for PCI compliance. You need to identify Google's inherent contro...; Q85. Your company is storing sensitive data in Cloud Storage. You want a key generated on-premi...; Q86. A customer's data science group wants to use Google Cloud Platform (GCP) for their analyti...; Q87. Your company runs a website that will store PII on Google Cloud Platform. To comply with d...; Q88. You are responsible for managing your company's identities in Google Cloud. Your company e...; Q89. Your team wants to limit users with administrative privileges at the organization level Wh...; Q90. A customer has an analytics workload running on Compute Engine that should have limited in...; Q91. Your company wants to determine what products they can build to help customers improve the...; Q92. Which Identity-Aware Proxy role should you grant to an Identity and Access Management (IAM...; Q93. You plan to deploy your cloud infrastructure using a CI/CD cluster hosted on Compute Engin...; Q94. A customer terminates an engineer and needs to make sure the engineer's Google account is ...; Q95. You are working with protected health information (PHI) for an electronic health record sy...; Q96. Which Identity-Aware Proxy role should you grant to an Identity and Access Management (IAM...; Q97. You need to use Cloud External Key Manager to create an encryption key to encrypt specific...; Q98. You have created an OS image that is hardened per your organization's security standards a...; Q99. Applications often require access to "secrets" - small pieces of sensitive data at build o...; Q100. You are consulting with a client that requires end-to-end encryption of application data (...; Q101. Your company has deployed an application on Compute Engine. The application is accessible ...; Q102. You are the Security Admin in your company. You want to synchronize all security groups th...; Q103. A company is running workloads in a dedicated server room. They must only be accessed from...; Q104. Your company's new CEO recently sold two of the company's divisions. Your Director asks yo...; Q105. You need to enforce a security policy in your Google Cloud organization that prevents user...; Q106. Your organization recently deployed a new application on Google Kubernetes Engine. You nee...; Q107. Your company is deploying their applications on Google Kubernetes Engine. You want to foll...; Q108. For compliance reasons, an organization needs to ensure that in-scope PCI Kubernetes Pods ...; Q109. You are consulting with a client that requires end-to-end encryption of application data (...; Q110. You're developing the incident response plan for your company. You need to define the acce...; Q111. An organization adopts Google Cloud Platform (GCP) for application hosting services and ne...; Q112. You need to follow Google-recommended practices to leverage envelope encryption and encryp...; Q113. You need to set up a Cloud interconnect connection between your company's on-premises data...; Q114. You plan to deploy your cloud infrastructure using a CI/CD cluster hosted on Compute Engin...; Q115. An application log's data, including customer identifiers such as email addresses, needs t...; Q116. You need to provide a corporate user account in Google Cloud for each of your developers a...; Q117. Which two security characteristics are related to the use of VPC peering to connect two VP...; Q118. You are creating an internal App Engine application that needs to access a user's Google D...; Q119. Your team wants to make sure Compute Engine instances running in your production project d...; Q120. When working with agents in a support center via online chat, an organization's customers ...; Q121. An organization is starting to move its infrastructure from its on-premises environment to...; Q122. You need to connect your organization's on-premises network with an existing Google Cloud ...; Q123. A company migrated their entire data/center to Google Cloud Platform. It is running thousa...; Q124. You are on your company's development team. You noticed that your web application hosted i...; Q125. For compliance reasons, an organization needs to ensure that in-scope PCI Kubernetes Pods ...; Q126. An organization is starting to move its infrastructure from its on-premises environment to...; Q127. While migrating your organization's infrastructure to GCP, a large number of users will ne...; Q128. Your organization hosts a financial services application running on Compute Engine instanc...; Q129. You are troubleshooting access denied errors between Compute Engine instances connected to...; Q130. Your team needs to prevent users from creating projects in the organization. Only the DevO...; Q131. You are the security admin of your company. Your development team creates multiple GCP pro...; Q132. A company migrated their entire data/center to Google Cloud Platform. It is running thousa...; Q133. You need to follow Google-recommended practices to leverage envelope encryption and encryp...; Q134. You plan to deploy your cloud infrastructure using a CI/CD cluster hosted on Compute Engin...; Q135. Your team needs to obtain a unified log view of all development cloud projects in your SIE...; Q136. A database administrator notices malicious activities within their Cloud SQL instance. The...; Q137. While migrating your organization's infrastructure to GCP, a large number of users will ne...; Q138. Your organization is transitioning to Google Cloud You want to ensure that only trusted co...; Q139. An application running on a Compute Engine instance needs to read data from a Cloud Storag...; Q140. Your company wants to collect and analyze CVE information for packages in container images...; Q141. A customer wants to run a batch processing system on VMs and store the output files in a C...; Q142. An organization's security and risk management teams are concerned about where their respo...; Q143. A customer wants to move their sensitive workloads to a Compute Engine-based cluster using...; Q144. Your organization wants to protect all workloads that run on Compute Engine VM to ensure t...; Q145. Your team needs to make sure that their backend database can only be accessed by the front...; Q146. You want data on Compute Engine disks to be encrypted at rest with keys managed by Cloud K...; Q147. A customer needs to launch a 3-tier internal web application on Google Cloud Platform (GCP...; Q148. Your team needs to prevent users from creating projects in the organization. Only the DevO...; Q149. As adoption of the Cloud Data Loss Prevention (DLP) API grows within the company, you need...; Q150. Your organization's Google Cloud VMs are deployed via an instance template that configures...; Q151. You have noticed an increased number of phishing attacks across your enterprise user accou...; Q152. Your company has been creating users manually in Cloud Identity to provide access to Googl...; Q153. A customer needs to prevent attackers from hijacking their domain/IP and redirecting users...; Q154. Your team wants to make sure Compute Engine instances running in your production project d...; Q155. Your Google Cloud organization allows for administrative capabilities to be distributed to...; Q156. You want to limit the images that can be used as the source for boot disks. These images w...; Q157. You recently joined the networking team supporting your company's Google Cloud implementat...; Q158. A company has been running their application on Compute Engine. A bug in the application a...; Q159. Your team sets up a Shared VPC Network where project co-vpc-prod is the host project. Your...; Q160. An organization is migrating from their current on-premises productivity software systems ...; Q161. You have been tasked with inspecting IP packet data for invalid or malicious content. What...; Q162. Your team wants to centrally manage GCP IAM permissions from their on-premises Active Dire...; Q163. You are deploying a web application hosted on Compute Engine. A business requirement manda...; Q164. You want to limit the images that can be used as the source for boot disks. These images w...; Q165. A large e-retailer is moving to Google Cloud Platform with its ecommerce website. The comp...; Q166. Your company wants to determine what products they can build to help customers improve the...; Q167. You are in charge of migrating a legacy application from your company datacenters to GCP b...; Q168. You will create a new Service Account that should be able to list the Compute Engine insta...; Q169. An employer wants to track how bonus compensations have changed over time to identify empl...; Q170. An engineering team is launching a web application that will be public on the internet. Th...; Q171. Which two implied firewall rules are defined on a VPC network? (Choose two.)...; Q172. You perform a security assessment on a customer architecture and discover that multiple VM...; Q173. A customer implements Cloud Identity-Aware Proxy for their ERP system hosted on Compute En...; Q174. When creating a secure container image, which two items should you incorporate into the bu...

Join the discussion

Question 1/174

Add Comments

Download PDF File