Google nwexams ace Your Professional-cloud-security-engineer Google Cloud Certified Exam by Hasan q18 vce pdf

Page: 13 / 17

Exam Name:	Google Cloud Certified - Professional Cloud Security Engineer
Exam Code:	Professional-Cloud-Security-Engineer Dumps
Vendor:	Google	Certification:	Google Cloud Certified
Questions:	234 Q&A's	Shared By:	hasan

Question 52

Your company plans to move most of its IT infrastructure to Google Cloud. They want to leverage their existing on-premises Active Directory as an identity provider for Google Cloud. Which two steps should you take to integrate the company’s on-premises Active Directory with Google Cloud and configure access management? (Choose two.)

Options:

Use Identity Platform to provision users and groups to Google Cloud.

Use Cloud Identity SAML integration to provision users and groups to Google Cloud.

Install Google Cloud Directory Sync and connect it to Active Directory and Cloud Identity.

Create Identity and Access Management (1AM) roles with permissions corresponding to each Active Directory group.

Create Identity and Access Management (1AM) groups with permissions corresponding to each Active Directory group.

Discussion

Nadia

Why these dumps are important? Can I pass my exam without these dumps?

Julian (not set)

The questions in the Cramkey dumps are explained in detail and there are also study notes and reference materials provided. This made it easier for me to understand the concepts and retain the information better.

Cody

I used Cramkey Dumps to prepare and a lot of the questions on the exam were exactly what I found in their study materials.

Eric (not set)

Really? That's great to hear! I used Cramkey Dumps too and I had the same experience. The questions were almost identical.

Anya

I must say they're considered the best dumps available and the questions are very similar to what you'll see in the actual exam. Recommended!!!

Cassius (not set)

Yes, they offer a 100% success guarantee. And many students who have used them have reported passing their exams with flying colors.

Alaia

These Dumps are amazing! I used them to study for my recent exam and I passed with flying colors. The information in the dumps is so valid and up-to-date. Thanks a lot!!!

Zofia (not set)

That's great to hear! I've been struggling to find good study material for my exam. I will ty it for sure.

Ava-Rose

Yes! Cramkey Dumps are amazing I passed my exam…Same these questions were in exam asked.

Ismail (not set)

Wow, that sounds really helpful. Thanks, I would definitely consider these dumps for my certification exam.

Question 53

Your company’s chief information security officer (CISO) is requiring business data to be stored in specific locations due to regulatory requirements that affect the company’s global expansion plans. After working on a plan to implement this requirement, you determine the following:

The services in scope are included in the Google Cloud data residency requirements.

The business data remains within specific locations under the same organization.

The folder structure can contain multiple data residency locations.

The projects are aligned to specific locations.

You plan to use the Resource Location Restriction organization policy constraint with very granular control. At which level in the hierarchy should you set the constraint?

Options:

Organization

Resource

Project

Folder

Discussion

Question 54

You are the security admin of your company. You have 3,000 objects in your Cloud Storage bucket. You do not want to manage access to each object individually. You also do not want the uploader of an object to always have full control of the object. However, you want to use Cloud Audit Logs to manage access to your bucket.

What should you do?

Options:

Set up an ACL with OWNER permission to a scope of allUsers.

Set up an ACL with READER permission to a scope of allUsers.

Set up a default bucket ACL and manage access for users using IAM.

Set up Uniform bucket-level access on the Cloud Storage bucket and manage access for users using IAM.

Discussion

Question 55

Your organization uses BigQuery to process highly sensitive, structured datasets. Following the "need to know" principle, you need to create the Identity and Access Management (IAM) design to meet the needs of these users:

• Business user must access curated reports.

• Data engineer: must administrate the data lifecycle in the platform.

• Security operator: must review user activity on the data platform.

What should you do?

Options:

Configure data access log for BigQuery services, and grant Project Viewer role to security operators.

Generate a CSV data file based on the business user's needs, and send the data to their email addresses.

Create curated tables in a separate dataset and assign the role roles/bigquery.dataViewer.

Set row-based access control based on the "region" column, and filter the record from the United States for data engineers.