An organization is starting to move its infrastructure from its on-premises environment to Google Cloud Platform (GCP). The first step the organization wants to take is to migrate its current data backup and disaster recovery solutions to GCP for later analysis. The organization's production environment will remain on- premises for an indefinite time. The organization wants a scalable and cost-efficient solution.Which GCP solution should the organization use?
Answer(s): B
https://cloud.google.com/solutions/dr-scenarios-planning-guide#use-cloud-storage-as-part-of-your- daily-backup-routine
You are creating an internal App Engine application that needs to access a user's Google Drive on the user's behalf. Your company does not want to rely on the current user's credentials. It also wants to follow Google- recommended practices.What should you do?
Answer(s): D
https://developers.google.com/admin-sdk/directory/v1/guides/delegation
A customer wants to move their sensitive workloads to a Compute Engine-based cluster using Managed Instance Groups (MIGs). The jobs are bursty and must be completed quickly. They have a requirement to be able to manage and rotate the encryption keys.Which boot disk encryption solution should you use on the cluster to meet this customer's requirements?
https://cloud.google.com/kubernetes-engine/docs/how-to/dynamic-provisioning-cmek
Your company is using Cloud Dataproc for its Spark and Hadoop jobs. You want to be able to create, rotate,and destroy symmetric encryption keys used for the persistent disks used by Cloud Dataproc. Keys can be stored in the cloud.What should you do?
This PD and bucket data is encrypted using a Google-generated data encryption key (DEK) and key encryption key (KEK). The CMEK feature allows you to create, use, and revoke the key encryption key (KEK). Google still controls the data encryption key (DEK). For more information on Google data encryption keys, see Encryption at Rest.https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/customer-managed- encryption https://codelabs.developers.google.com/codelabs/encrypt-and-decrypt-data-with-cloud-kms#0
You are a member of the security team at an organization. Your team has a single GCP project with credit card payment processing systems alongside web applications and data processing systems. You want to reduce the scope of systems subject to PCI audit standards.What should you do?
Answer(s): C
https://cloud.google.com/solutions/best-practices-vpc-design"Setting up your payment-processing environment" section in https://cloud.google.com/solutions/pci-dss-compliance-in-gcp.
Share your comments for Google PROFESSIONAL CLOUD SECURITY ENGINEER exam with other users:
can anyone tell me if this is for rhel8 or rhel9?
good content
pdb and cdb are critical to the database
till 104 questions are free, lets see how it helps me in my exam today.
question # 56, answer is true not false.
i would be requiring dumps to prepare for certification exam
very helpful
control file is the heart of rman backup
hi could you please upload the ibm c2090-543 dumps
appriciate if you could upload this again
please upload the dump
i found some questions answers mismatch with explanation answers. please properly update
nothing to mention
knowable questions
very helpfull
good questions
its helpful
i just took my oracle exam and let me tell you, this exam dumps was a lifesaver! without them, iam not sure i would have passed. the questions were tricky and the answers were obscure, but the exam dumps had everything i needed. i would recommend to anyone looking to pass their oracle exams with flying colors (and a little bit of cheating) lol.
22. if you need to make sure that one computer in your hot-spot network can access the internet without hot-spot authentication, which menu allows you to do this? answer is ip binding and not wall garden. wall garden allows specified websites to be accessed with users authentication to the hotspot
is question 1 correct?
manged to pass the exam with this exam dumps.
can we please have the latest exam questions?
please help with jn0-649 latest dumps
please i need this dump. thanks
i have to take the aws certified developer - associate dva-c02 in the next few weeks and i wanted to know if the questions on your website are the same as the official exam.
all questions are more important
ques 4 answer should be c ie automatically recover from failure
very very useful page
the exams are giving me an eye opener
3rd so far, need to cover more
aligns with the pecd notes
question 4: b securityadmin is the correct answer. https://docs.snowflake.com/en/user-guide/security-access-control-overview#access-control-framework