Google pass4future google Cloud Certified Professional-cloud-security-engineer New Questions by Arley q142 vce pdf

Page: 15 / 18

Exam Name:	Google Cloud Certified - Professional Cloud Security Engineer
Exam Code:	Professional-Cloud-Security-Engineer Dumps
Vendor:	Google	Certification:	Google Cloud Certified
Questions:	249 Q&A's	Shared By:	arley

Question 60

You are a Cloud Identity administrator for your organization. In your Google Cloud environment groups are used to manage user permissions. Each application team has a dedicated group Your team is responsible for creating these groups and the application teams can manage the team members on their own through the Google Cloud console. You must ensure that the application teams can only add users from within your organization to their groups.

What should you do?

Options:

Change the configuration of the relevant groups in the Google Workspace Admin console to prevent external users from being added to the group.

Set an Identity and Access Management (1AM) policy that includes a condition that restricts group membership to user principals that belong to your organization.

Define an Identity and Access Management (IAM) deny policy that denies the assignment of principals that are outside your organization to the groups in scope.

Export the Cloud Identity logs to BigQuery Configure an alert for external members added to groups Have the alert trigger a Cloud Function instance that removes the external members from the group.

Discussion

Sam

Can I get help from these dumps and their support team for preparing my exam?

Audrey Aug 29, 2024

Definitely, you won't regret it. They've helped so many people pass their exams and I'm sure they'll help you too. Good luck with your studies!

Lennie

I passed my exam and achieved wonderful score, I highly recommend it.

Emelia Oct 2, 2024

I think I'll give Cramkey a try next time I take a certification exam. Thanks for the recommendation!

Alaia

These Dumps are amazing! I used them to study for my recent exam and I passed with flying colors. The information in the dumps is so valid and up-to-date. Thanks a lot!!!

Zofia Sep 9, 2024

That's great to hear! I've been struggling to find good study material for my exam. I will ty it for sure.

Nylah

I've been looking for good study material for my upcoming certification exam. Need help.

Dolly Oct 3, 2024

Then you should definitely give Cramkey Dumps a try. They have a huge database of questions and answers, making it easy to study and prepare for the exam. And the best part is, you can be sure the information is accurate and relevant.

Question 61

You manage a fleet of virtual machines (VMs) in your organization. You have encountered issues with lack of patching in many VMs. You need to automate regular patching in your VMs and view the patch management data across multiple projects.

What should you do?

Choose 2 answers

Options:

Deploy patches with VM Manager by using OS patch management

View patch management data in VM Manager by using OS patch management.

Deploy patches with Security Command Center by using Rapid Vulnerability Detection.

View patch management data in a Security Command Center dashboard.

View patch management data in Artifact Registry.

Discussion

Question 62

Your organization acquired a new workload. The Web and Application (App) servers will be running on Compute Engine in a newly created custom VPC. You are responsible for configuring a secure network communication solution that meets the following requirements:

Only allows communication between the Web and App tiers.

Enforces consistent network security when autoscaling the Web and App tiers.

Prevents Compute Engine Instance Admins from altering network traffic.

What should you do?

Options:

1. Configure all running Web and App servers with respective network tags.

2. Create an allow VPC firewall rule that specifies the target/source with respective network tags.

1. Configure all running Web and App servers with respective service accounts.

2. Create an allow VPC firewall rule that specifies the target/source with respective service accounts.

1. Re-deploy the Web and App servers with instance templates configured with respective network tags.

2. Create an allow VPC firewall rule that specifies the target/source with respective network tags.

1. Re-deploy the Web and App servers with instance templates configured with respective service accounts.

2. Create an allow VPC firewall rule that specifies the target/source with respective service accounts.

Discussion

Question 63

A database administrator notices malicious activities within their Cloud SQL instance. The database administrator wants to monitor the API calls that read the configuration or metadata of resources. Which logs should the database administrator review?

Options:

Admin Activity

System Event

Access Transparency

Data Access