Exam Logo

Google (PCSE) Exam Questions And Answers page 5

An organization is starting to move its infrastructure from its on-premises environment to Google Cloud Platform (GCP). The first step the organization wants to take is to migrate its ongoing data backup and disaster recovery solutions to GCP. The organization's on-premises production environment is going to be the next phase for migration to GCP. Stable networking connectivity between the on-premises environment and GCP is also being implemented.

Which GCP solution should the organization use?
Google Cloud Networking Security Google Cloud Data Security
An organization receives an increasing number of phishing emails.

Which method should be used to protect employee credentials in this situation?
Google Cloud Identity and Access Management (IAM)
An organization's security and risk management teams are concerned about where their responsibility lies for certain production workloads they are running in Google Cloud Platform (GCP), and where Google's responsibility lies. They are mostly running workloads using Google Cloud's Platform-as-a-Service (PaaS) offerings, including App Engine primarily.

Which one of these areas in the technology stack would they need to focus on as their primary responsibility when using App Engine?
Google Cloud Identity and Access Management (IAM)
An organization s typical network and security review consists of analyzing application transit routes, request handling, and firewall rules. They want to enable their developer teams to deploy new applications without the overhead of this full review.

How should you advise this organization?
Google Cloud Networking Security Google Cloud Operations Security
A patch for a vulnerability has been released, and a DevOps team needs to update their running containers in Google Kubernetes Engine (GKE).

How should the DevOps team accomplish this?
Google Cloud Networking Security Google Cloud Security Management
Applications often require access to secrets - small pieces of sensitive data at build or run time. The administrator managing these secrets on GCP wants to keep a track of who did what, where, and when? within their GCP projects.

Which two log streams would provide the information that the administrator is looking for? (Choose two.)
Google Cloud Identity and Access Management (IAM) Google Cloud Operations Security
A retail customer allows users to upload comments and product reviews. The customer needs to make sure the text does not include sensitive data before the comments or reviews are published.

Which Google Cloud Service should be used to achieve this?
Google Cloud Networking Security Google Cloud Data Security
As adoption of the Cloud Data Loss Prevention (DLP) API grows within the company, you need to optimize usage to reduce cost. DLP target data is stored in Cloud Storage and BigQuery. The location and region are identified as a suffix in the resource name.

Which cost reduction options should you recommend?
Google Cloud Networking Security Google Cloud Data Security
A website design company recently migrated all customer sites to App Engine. Some sites are still in progress and should only be visible to customers and company employees from any location.

Which solution will restrict access to the in-progress sites?
Google Cloud Identity and Access Management (IAM)
For compliance reasons, an organization needs to ensure that in-scope PCI Kubernetes Pods reside on in-scope Nodes only. These Nodes can only contain the in-scope Pods.

How should the organization achieve this objective?
Google Cloud Networking Security Google Cloud Data Security