Free Preparation Discussions
MENU
Google Professional Cloud Security Engineer Exam Questions
- Topic 1: Design and Implement a secure infrastructure on Google Cloud Platform
- Topic 2: Understanding of security best practices and industry security requirements
- Topic 3: Manages a secure infrastructure leveraging Google security technologies
- Topic 4: All aspects of Cloud Secur
Free Google Professional Cloud Security Engineer Exam Actual Questions
Note: Premium Questions for Professional Cloud Security Engineer were last updated On Nov. 21, 2024 (see below)
You have stored company approved compute images in a single Google Cloud project that is used as an image repository. This project is protected with VPC Service Controls and exists in the perimeter along with other projects in your organization. This lets other projects deploy images from the image repository project. A team requires deploying a third-party disk image that is stored in an external Google Cloud organization. You need to grant read access to the disk image so that it can be deployed into the perimeter.
What should you do?
You are setting up a new Cloud Storage bucket in your environment that is encrypted with a customer managed encryption key (CMEK). The CMEK is stored in Cloud Key Management Service (KMS). in project "pr j -a", and the Cloud Storage bucket will use project "prj-b". The key is backed by a Cloud Hardware Security Module (HSM) and resides in the region europe-west3. Your storage bucket will be located in the region europe-west1. When you create the bucket, you cannot access the key. and you need to troubleshoot why.
What has caused the access issue?
When you use a customer-managed encryption key (CMEK) to secure a Cloud Storage bucket, the key and the bucket must be located in the same region. In this case, the key is in europe-west3 and the bucket is in europe-west1, which is why you're unable to access the key.
Your organization has on-premises hosts that need to access Google Cloud APIs You must enforce private connectivity between these hosts minimize costs and optimize for operational efficiency
What should you do?
Your customer has an on-premises Public Key Infrastructure (PKI) with a certificate authority (CA). You need to issue certificates for many HTTP load balancer frontends. The on-premises PKI should be minimally affected due to many manual processes, and the solution needs to scale.
What should you do?
This approach allows you to leverage your existing on-premises PKI infrastructure while minimizing its impact and manual processes. By creating a subordinate CA in Google's Certificate Authority Service, you can automate the process of issuing certificates for your HTTP load balancer frontends. This solution scales well as the number of load balancers increases.
You manage a fleet of virtual machines (VMs) in your organization. You have encountered issues with lack of patching in many VMs. You need to automate regular patching in your VMs and view the patch management data across multiple projects.
What should you do?
Choose 2 answers
- Select Question Types you want
- Set your Desired Pass Percentage
- Allocate Time (Hours : Minutes)
- Create Multiple Practice tests with Limited Questions
- Customer Support
Chun
2 days agoRenea
11 days agoRessie
16 days agoLashawna
25 days agoJospeh
1 months agoMiriam
1 months agoJavier
1 months agoJoesph
1 months agoBettina
2 months agoCurtis
2 months agoStefany
2 months agoChun
3 months agoKarina
4 months agoRaylene
4 months agoDaniela
5 months agoOcie
5 months agoKatie
5 months ago