Your company runs a website that will store PII on Google Cloud Platform. To comply with data privacy regulations, this data can only be stored for a specific amount of time and must be fully deleted after this specific period. Data that has not yet reached the time period should not be deleted. You want to automate the process of complying with this regulation.What should you do?
Answer(s): C
"To support common use cases like setting a Time to Live (TTL) for objects, retaining noncurrent versions of objects, or "downgrading" storage classes of objects to help manage costs, Cloud Storage offers the Object Lifecycle Management feature. This page describes the feature as well as the options available when using it. To learn how to enable Object Lifecycle Management, and for examples of lifecycle policies, see Managing Lifecycles." https://cloud.google.com/storage/docs/lifecycle
A DevOps team will create a new container to run on Google Kubernetes Engine. As the application will be internet-facing, they want to minimize the attack surface of the container.What should they do?
Answer(s): B
Small containers usually have a smaller attack surface as compared to containers that use large base images. https://cloud.google.com/blog/products/gcp/kubernetes-best-practices-how-and-why-to-build-small-container-images
While migrating your organization's infrastructure to GCP, a large number of users will need to access GCP Console. The Identity Management team already has a well-established way to manage your users and want to keep using your existing Active Directory or LDAP server along with the existing SSO password.What should you do?
https://cloud.google.com/architecture/identity/federating-gcp-with-active-directory-configuring- single-sign-on
https://cloud.google.com/blog/products/identity-security/using-your-existing-identity- management- system-with-google-cloud-platform
Your company is using GSuite and has developed an application meant for internal usage on Google App Engine. You need to make sure that an external user cannot gain access to the application even when an employee's password has been compromised.What should you do?
Answer(s): A
https://docs.google.com/document/d/11o3e14tyhnT7w45Q8- r9ZmTAfj2WUNUpJPZImrxm_F4/edit?usp=sharing https://support.google.com/a/answer/175197?hl=en
A large financial institution is moving its Big Data analytics to Google Cloud Platform. They want to have maximum control over the encryption process of data stored at rest in BigQuery.What technique should the institution use?
If you want to manage the key encryption keys used for your data at rest, instead of having Google manage the keys, use Cloud Key Management Service to manage your keys. This scenario is known as customer-managed encryption keys (CMEK). https://cloud.google.com/bigquery/docs/encryption- at-rest
https://cloud.google.com/bigquery/docs/encryption-at-rest
Share your comments for Google PROFESSIONAL CLOUD SECURITY ENGINEER exam with other users:
how do i get the h12-724 dumps
nice data dumps
answers are correct
good explanation
hi team just want to know if there is any update version of the exam 350-401
helpful on 2017 scrum guide
planning to attempt for the exam.
pleaseee upload
thanks ly so i have information cia
hello team, i need sap qm dumps for practice
it’s good but not senatios based
q.119 - the correct answer is b - they are not captured in an update set as theyre data.
good matter
please upload c_sacp_2308
please upload the dump. thanks very much !!
good questions
hi, could you please update the latest dump version
this question is keep repeat : you are developing a sales application that will contain several azure cloud services and handle different components of a transaction. different cloud services will process customer orders, billing, payment, inventory, and shipping. you need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using xml messages. what should you include in the recommendation?
great questions
its realy good
oracle 1z0-1059-22 dumps
please share me the pdf..
q50: which two functions can be used by an end user when pivoting an interactive report? the correct answer is a, c because we do not have rank in the function pivoting you can check in the apex app
best to practice
so far it is good
please provide me the dump
i failed the cisa exam today. but i have found all the questions that were on the exam to be on this site.
in question 272 the right answer states that an autonomous acces point is "configured and managed by the wlc" but this is not what i have learned in my ccna course. is this a mistake? i understand that lightweight aps are managed by wlc while autonomous work as standalones on the wlan.
it was helpful
good question
really nice
please i need dumps for isc2 cybersecuity
ans is coldline i think
very helpful
Keeping this site free takes real effort. We constantly battle automated scraping and unauthorized content copying. A quick account helps us protect the community and keep the site free.
To continue studying for your PROFESSIONAL CLOUD SECURITY ENGINEER, please sign in or create a free account.