- Home
- Google Cloud Certified - Professional Cloud Security Engineer Exam
- Google.Professional-Cloud-Security-Engineer.v2023-05-10.q124
- Question 77
Valid Professional-Cloud-Security-Engineer Dumps shared by ExamDiscuss.com for Helping Passing Professional-Cloud-Security-Engineer Exam! ExamDiscuss.com now offer the newest Professional-Cloud-Security-Engineer exam dumps, the ExamDiscuss.com Professional-Cloud-Security-Engineer exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com Professional-Cloud-Security-Engineer dumps with Test Engine here:
Access Professional-Cloud-Security-Engineer Dumps Premium Version
(320 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 77/124
An organization recently began using App Engine to build and host its new web application for its customers. The organization wants to use its existing IAM setup to allow its developer employees to have elevated access to the application remotely. This would allow them to push updates and fixes to the application via an HTTPS connection. Non-developer employees should only get access to the production version without development permissions. Which Google Cloud Platform solution should be used to meet these requirements?
Correct Answer: C
A is not correct because synchronizing your users to Google Identity does not grant any differentiated access to an app engine application.
B is not correct because app engine IAM roles only specify different levels of administrative access to app engine applications in a project.
C is correct because Cloud IAP allows the organization to establish different levels of access based on user criteria for app engine apps.
D is not correct because VPC firewall rules do not grant different levels of authorization and only allow/block traffic.
https://cloud.google.com/appengine/docs/standard/python/access-control
https://cloud.google.com/iap/docs/concepts-overview
B is not correct because app engine IAM roles only specify different levels of administrative access to app engine applications in a project.
C is correct because Cloud IAP allows the organization to establish different levels of access based on user criteria for app engine apps.
D is not correct because VPC firewall rules do not grant different levels of authorization and only allow/block traffic.
https://cloud.google.com/appengine/docs/standard/python/access-control
https://cloud.google.com/iap/docs/concepts-overview
- Question List (124q)
- Question 1: You are part of a security team investigating a compromised ...
- Question 2: You need to provide a corporate user account in Google Cloud...
- Question 3: Your company has deployed an application on Compute Engine. ...
- Question 4: You are a security engineer at a finance company. Your organ...
- Question 5: An organization is migrating from their current on-premises ...
- Question 6: A customer deploys an application to App Engine and needs to...
- Question 7: An organization is starting to move its infrastructure from ...
- Question 8: You have defined subnets in a VPC within Google Cloud Platfo...
- Question 9: An organization's security and risk management teams are con...
- Question 10: An office manager at your small startup company is responsib...
- Question 11: What are the steps to encrypt data using envelope encryption...
- Question 12: You plan to deploy your cloud infrastructure using a CI/CD c...
- Question 13: You need to provide a corporate user account in Google Cloud...
- Question 14: Your organization recently deployed a new application on Goo...
- Question 15: Your team creates an ingress firewall rule to allow SSH acce...
- Question 16: A large financial institution is moving its Big Data analyti...
- Question 17: You want to use the gcloud command-line tool to authenticate...
- Question 18: Your team wants to centrally manage GCP IAM permissions from...
- Question 19: You are a member of the security team at an organization. Yo...
- Question 20: You perform a security assessment on a customer architecture...
- Question 21: You work for an organization in a regulated industry that ha...
- Question 22: A customer is collaborating with another company to build an...
- Question 23: Your customer is moving their corporate applications to Goog...
- Question 24: A company has been running their application on Compute Engi...
- Question 25: Your organization has implemented synchronization and SAML f...
- Question 26: You have been tasked with inspecting IP packet data for inva...
- Question 27: An organization receives an increasing number of phishing em...
- Question 28: You are tasked with exporting and auditing security logs for...
- Question 29: You manage your organization's Security Operations Center (S...
- Question 30: You need to set up two network segments: one with an untrust...
- Question 31: A company migrated their entire data/center to Google Cloud ...
- Question 32: Last week, a company deployed a new App Engine application t...
- Question 33: An organization is evaluating the use of Google Cloud Platfo...
- Question 34: Your company is storing sensitive data in Cloud Storage. You...
- Question 35: You are troubleshooting access denied errors between Compute...
- Question 36: Your organization's Google Cloud VMs are deployed via an ins...
- Question 37: A business unit at a multinational corporation signs up for ...
- Question 38: Which two security characteristics are related to the use of...
- Question 39: A company's application is deployed with a user-managed Serv...
- Question 40: An organization's typical network and security review consis...
- Question 41: You have an application where the frontend is deployed on a ...
- Question 42: Which two implied firewall rules are defined on a VPC networ...
- Question 43: An organization is evaluating the use of Google Cloud Platfo...
- Question 44: Your team needs to prevent users from creating projects in t...
- Question 45: A retail customer allows users to upload comments and produc...
- Question 46: What are the steps to encrypt data using envelope encryption...
- Question 47: Which two implied firewall rules are defined on a VPC networ...
- Question 48: You are asked to recommend a solution to store and retrieve ...
- Question 49: While migrating your organization's infrastructure to GCP, a...
- Question 50: Your team needs to obtain a unified log view of all developm...
- Question 51: Your company is storing files on Cloud Storage. To comply wi...
- Question 52: Your security team uses encryption keys to ensure confidenti...
- Question 53: Your team needs to make sure that a Compute Engine instance ...
- Question 54: An organization's security and risk management teams are con...
- Question 55: A patch for a vulnerability has been released, and a DevOps ...
- Question 56: Your company is storing sensitive data in Cloud Storage. You...
- Question 57: You are a member of your company's security team. You have b...
- Question 58: A customer has an analytics workload running on Compute Engi...
- Question 59: You are responsible for implementing a payment processing en...
- Question 60: You are the security admin of your company. You have 3,000 o...
- Question 61: You discovered that sensitive personally identifiable inform...
- Question 62: While migrating your organization's infrastructure to GCP, a...
- Question 63: Your team needs to make sure that a Compute Engine instance ...
- Question 64: Your team wants to limit users with administrative privilege...
- Question 65: Your company's chief information security officer (CISO) is ...
- Question 66: You want to update your existing VPC Service Controls perime...
- Question 67: A company allows every employee to use Google Cloud Platform...
- Question 68: You are part of a security team that wants to ensure that a ...
- Question 69: A company allows every employee to use Google Cloud Platform...
- Question 70: A company has been running their application on Compute Engi...
- Question 71: Your team uses a service account to authenticate data transf...
- Question 72: An organization is starting to move its infrastructure from ...
- Question 73: A customer's data science group wants to use Google Cloud Pl...
- Question 74: You are on your company's development team. You noticed that...
- Question 75: A customer has an analytics workload running on Compute Engi...
- Question 76: As adoption of the Cloud Data Loss Prevention (DLP) API grow...
- Question 77: An organization recently began using App Engine to build and...
- Question 78: A customer wants to move their sensitive workloads to a Comp...
- Question 79: Your organization's Google Cloud VMs are deployed via an ins...
- Question 80: You are designing a new governance model for your organizati...
- Question 81: As adoption of the Cloud Data Loss Prevention (DLP) API grow...
- Question 82: You need to follow Google-recommended practices to leverage ...
- Question 83: An organization is moving applications to Google Cloud while...
- Question 84: While migrating your organization's infrastructure to GCP, a...
- Question 85: A customer needs an alternative to storing their plain text ...
- Question 86: Your company has deployed an application on Compute Engine. ...
- Question 87: You are a member of the security team at an organization. Yo...
- Question 88: When creating a secure container image, which two items shou...
- Question 89: You are troubleshooting access denied errors between Compute...
- Question 90: You need to implement an encryption at-rest strategy that re...
- Question 91: A company is running workloads in a dedicated server room. T...
- Question 92: Your company requires the security and network engineering t...
- Question 93: In a shared security responsibility model for IaaS, which tw...
- Question 94: You are a security administrator at your company and are res...
- Question 95: A customer's company has multiple business units. Each busin...
- Question 96: Your organization has had a few recent DDoS attacks. You nee...
- Question 97: A DevOps team will create a new container to run on Google K...
- Question 98: You want to limit the images that can be used as the source ...
- Question 99: Your company's cloud security policy dictates that VM instan...
- Question 100: Which two security characteristics are related to the use of...
- Question 101: An organization is starting to move its infrastructure from ...
- Question 102: A customer wants to make it convenient for their mobile work...
- Question 103: You need to follow Google-recommended practices to leverage ...
- Question 104: A DevOps team will create a new container to run on Google K...
- Question 105: An application running on a Compute Engine instance needs to...
- Question 106: An organization is starting to move its infrastructure from ...
- Question 107: A customer implements Cloud Identity-Aware Proxy for their E...
- Question 108: A company is running their webshop on Google Kubernetes Engi...
- Question 109: You need to set up two network segments: one with an untrust...
- Question 110: A customer terminates an engineer and needs to make sure the...
- Question 111: You are working with a client who plans to migrate their dat...
- Question 112: You need to centralize your team's logs for production proje...
- Question 113: A security team at an e-commerce company wants to define an ...
- Question 114: Your organization acquired a new workload. The Web and Appli...
- Question 115: You are working with protected health information (PHI) for ...
- Question 116: A customer needs to prevent attackers from hijacking their d...
- Question 117: Your team needs to make sure that their backend database can...
- Question 118: An organization is migrating from their current on-premises ...
- Question 119: You need to set up a Cloud interconnect connection between y...
- Question 120: Which two implied firewall rules are defined on a VPC networ...
- Question 121: Your company requires the security and network engineering t...
- Question 122: Your company has deployed an application on Compute Engine. ...
- Question 123: An organization receives an increasing number of phishing em...
- Question 124: Your security team uses encryption keys to ensure confidenti...
[×]
Download PDF File
Enter your email address to download Google.Professional-Cloud-Security-Engineer.v2023-05-10.q124.pdf