Google nwexams ace Your Professional-cloud-security-engineer Google Cloud Certified Exam by Hasan q18 vce pdf

Page: 13 / 17

Exam Name:	Google Cloud Certified - Professional Cloud Security Engineer
Exam Code:	Professional-Cloud-Security-Engineer Dumps
Vendor:	Google	Certification:	Google Cloud Certified
Questions:	234 Q&A's	Shared By:	hasan

Question 52

Your company plans to move most of its IT infrastructure to Google Cloud. They want to leverage their existing on-premises Active Directory as an identity provider for Google Cloud. Which two steps should you take to integrate the company’s on-premises Active Directory with Google Cloud and configure access management? (Choose two.)

Options:

Use Identity Platform to provision users and groups to Google Cloud.

Use Cloud Identity SAML integration to provision users and groups to Google Cloud.

Install Google Cloud Directory Sync and connect it to Active Directory and Cloud Identity.

Create Identity and Access Management (1AM) roles with permissions corresponding to each Active Directory group.

Create Identity and Access Management (1AM) groups with permissions corresponding to each Active Directory group.

Discussion

Ernest

That's amazing. I think I'm going to give Cramkey Dumps a try for my next exam. Thanks for telling me about them! CramKey admin please share more questions……You guys are amazing.

Nate Sep 15, 2024

I failed last week, I never know this site , but amazed to see all these questions were in my exam week before. I feel bad now, why I didn’t bother this site. Thanks Cramkey, Excellent Job.

Sam

Can I get help from these dumps and their support team for preparing my exam?

Audrey Aug 29, 2024

Definitely, you won't regret it. They've helped so many people pass their exams and I'm sure they'll help you too. Good luck with your studies!

Mylo

Excellent dumps with authentic information… I passed my exam with brilliant score.

Dominik Aug 29, 2024

That's amazing! I've been looking for good study material that will help me prepare for my upcoming certification exam. Now, I will try it.

Zayaan

Successfully aced the exam… Thanks a lot for providing amazing Exam Dumps.

Harmony Sep 10, 2024

That's fantastic! I'm glad to hear that their dumps helped you. I also used them and found it accurate.

Question 53

Your company’s chief information security officer (CISO) is requiring business data to be stored in specific locations due to regulatory requirements that affect the company’s global expansion plans. After working on a plan to implement this requirement, you determine the following:

The services in scope are included in the Google Cloud data residency requirements.

The business data remains within specific locations under the same organization.

The folder structure can contain multiple data residency locations.

The projects are aligned to specific locations.

You plan to use the Resource Location Restriction organization policy constraint with very granular control. At which level in the hierarchy should you set the constraint?

Options:

Organization

Resource

Project

Folder

Discussion

Question 54

You are the security admin of your company. You have 3,000 objects in your Cloud Storage bucket. You do not want to manage access to each object individually. You also do not want the uploader of an object to always have full control of the object. However, you want to use Cloud Audit Logs to manage access to your bucket.

What should you do?

Options:

Set up an ACL with OWNER permission to a scope of allUsers.

Set up an ACL with READER permission to a scope of allUsers.

Set up a default bucket ACL and manage access for users using IAM.

Set up Uniform bucket-level access on the Cloud Storage bucket and manage access for users using IAM.

Discussion

Question 55

Your organization uses BigQuery to process highly sensitive, structured datasets. Following the "need to know" principle, you need to create the Identity and Access Management (IAM) design to meet the needs of these users:

• Business user must access curated reports.

• Data engineer: must administrate the data lifecycle in the platform.

• Security operator: must review user activity on the data platform.

What should you do?

Options:

Configure data access log for BigQuery services, and grant Project Viewer role to security operators.

Generate a CSV data file based on the business user's needs, and send the data to their email addresses.

Create curated tables in a separate dataset and assign the role roles/bigquery.dataViewer.

Set row-based access control based on the "region" column, and filter the record from the United States for data engineers.