Exam Logo

Google (PCSE) Exam Questions And Answers page 7

Which two security characteristics are related to the use of VPC peering to connect two VPC networks? (Choose two.)
Google Cloud Networking Security Google Cloud Operations Security
While migrating your organization s infrastructure to GCP, a large number of users will need to access GCP Console. The Identity Management team already has a well-established way to manage your users and want to keep using your existing Active Directory or LDAP server along with the existing SSO password.

What should you do?
Google Cloud Identity and Access Management (IAM)
You are a member of the security team at an organization. Your team has a single GCP project with credit card payment processing systems alongside web applications and data processing systems. You want to reduce the scope of systems subject to PCI audit standards.

What should you do?
Google Cloud Identity and Access Management (IAM) Google Cloud Networking Security
You are creating an internal App Engine application that needs to access a user s Google Drive on the user s behalf. Your company does not want to rely on the current user s credentials. It also wants to follow Google-recommended practices.

What should you do?
Google Cloud Identity and Access Management (IAM)
You are in charge of migrating a legacy application from your company datacenters to GCP before the current maintenance contract expires. You do not know what ports the application is using and no documentation is available for you to check. You want to complete the migration without putting your environment at risk.

What should you do?
Google Cloud Identity and Access Management (IAM) Google Cloud Networking Security
You are on your company's development team. You noticed that your web application hosted in staging on GKE dynamically includes user data in web pages without first properly validating the inputted data. This could allow an attacker to execute gibberish commands and display arbitrary content in a victim user's browser in a production environment.

How should you prevent and fix this vulnerability?
Google Cloud Identity and Access Management (IAM) Google Cloud Networking Security
You are part of a security team investigating a compromised service account key. You need to audit which new resources were created by the service account.

What should you do?
Google Cloud Identity and Access Management (IAM) Google Cloud Operations Security
You are part of a security team that wants to ensure that a Cloud Storage bucket in Project A can only be readable from Project B. You also want to ensure that data in the Cloud Storage bucket cannot be accessed from or copied to Cloud Storage buckets outside the network, even if the user has the correct credentials.

What should you do?
Google Cloud Networking Security Google Cloud Data Security
You are responsible for protecting highly sensitive data in BigQuery. Your operations teams need access to this data, but given privacy regulations, you want to ensure that they cannot read the sensitive fields such as email addresses and first names. These specific sensitive fields should only be available on a need-to-know basis to the HR team. What should you do?
Google Cloud Data Security Google Cloud Operations Security
You are the Security Admin in your company. You want to synchronize all security groups that have an email address from your LDAP directory in Cloud IAM.

What should you do?
Google Cloud Identity and Access Management (IAM)