Google pass4future google Cloud Certified Professional-cloud-security-engineer New Questions by Arley q142 vce pdf

Page: 15 / 18

Exam Name:	Google Cloud Certified - Professional Cloud Security Engineer
Exam Code:	Professional-Cloud-Security-Engineer Dumps
Vendor:	Google	Certification:	Google Cloud Certified
Questions:	249 Q&A's	Shared By:	arley

Question 60

Your organization uses Google Workspace Enterprise Edition tor authentication. You are concerned about employees leaving their laptops unattended for extended periods of time after authenticating into Google Cloud. You must prevent malicious people from using an employee's unattended laptop to modify their environment.

What should you do?

Options:

Create a policy that requires employees to not leave their sessions open for long durations.

Review and disable unnecessary Google Cloud APIs.

Require strong passwords and 2SV through a security token or Google authenticate.

Set the session length timeout for Google Cloud services to a shorter duration.

Discussion

Question 61

A customer terminates an engineer and needs to make sure the engineer's Google account is automatically deprovisioned.

What should the customer do?

Options:

Use the Cloud SDK with their directory service to remove their IAM permissions in Cloud Identity.

Use the Cloud SDK with their directory service to provision and deprovision users from Cloud Identity.

Configure Cloud Directory Sync with their directory service to provision and deprovision users from Cloud Identity.

Configure Cloud Directory Sync with their directory service to remove their IAM permissions in Cloud Identity.

Discussion

Question 62

Your organization s customers must scan and upload the contract and their driver license into a web portal in Cloud Storage. You must remove all personally identifiable information (Pll) from files that are older than 12 months. Also you must archive the anonymized files for retention purposes.

What should you do?

Options:

Set a time to live (TTL) of 12 months for the files in the Cloud Storage bucket that removes PH and moves the files to the archive storage class.

Create a Cloud Data Loss Prevention (DLP) inspection job that de-identifies Pll in files created more than 12 months ago and archives them to another Cloud Storage bucket. Delete the original files.

Schedule a Cloud Key Management Service (KMS) rotation period of 12 months for the encryption keys of the Cloud Storage files containing Pll to de-identify them Delete the original keys.

Configure the Autoclass feature of the Cloud Storage bucket to de-identify Pll Archive the files that are older than 12 months Delete the original files.

Discussion

Question 63

You are developing a new application that uses exclusively Compute Engine VMs Once a day. this application will execute five different batch jobs Each of the batch jobs requires a dedicated set of permissions on Google Cloud resources outside of your application. You need to design a secure access concept for the batch jobs that adheres to the least-privilege principle

What should you do?

Options:

1. Create a general service account **g-sa" to execute the batch jobs.

• 2 Grant the permissions required to execute the batch jobs to g-sa.

• 3. Execute the batch jobs with the permissions granted to g-sa

1. Create a general service account "g-sa" to orchestrate the batch jobs.

• 2. Create one service account per batch job Mb-sa-[1-5]," and grant only the permissions required to run the individual batch jobs to the service accounts.

• 3. Grant the Service Account Token Creator role to g-sa Use g-sa to obtain short-lived access tokens for b-sa-[1-5] and to execute the batch jobs with the permissions of b-sa-[1-5].

1. Create a workload identity pool and configure workload identity pool providers for each batch job

• 2 Assign the workload identity user role to each of the identities configured in the providers.

• 3. Create one service account per batch job Mb-sa-[1-5]". and grant only the permissions required to run the individual batch jobs to the service accounts

• 4 Generate credential configuration files for each of the providers

• 1. Create a general service account "g-sa" to orchestrate the batch jobs.

• 2 Create one service account per batch job 'b-sa-[1-5)\ Grant only the permissions required to run the individual batch jobs to the service accounts and generate service account keys for each of these service accounts

• 3. Store the service account keys in Secret Manager. Grant g-sa access to Secret Manager and run the batch jobs with the permis

Discussion

Ella-Rose

Amazing website with excellent Dumps. I passed my exam and secured excellent marks!!!

Alisha Aug 17, 2024

Extremely accurate. They constantly update their materials with the latest exam questions and answers, so you can be confident that what you're studying is up-to-date.

Laila

They're such a great resource for anyone who wants to improve their exam results. I used these dumps and passed my exam!! Happy customer, always prefer. Yes, same questions as above I know you guys are perfect.

Keira Aug 12, 2024

100% right….And they're so affordable too. It's amazing how much value you get for the price.

Reeva

Wow what a success I achieved today. Thank you so much Cramkey for amazing Dumps. All students must try it.

Amari Sep 1, 2024

Wow, that's impressive. I'll definitely keep Cramkey in mind for my next exam.

Osian

Dumps are fantastic! I recently passed my certification exam using these dumps and I must say, they are 100% valid.

Azaan Aug 8, 2024

They are incredibly accurate and valid. I felt confident going into my exam because the dumps covered all the important topics and the questions were very similar to what I saw on the actual exam. The team of experts behind Cramkey Dumps make sure the information is relevant and up-to-date.

Page: 15 / 18

Title

Questions

Posted

google.selftestengine.new release professional-cloud-security-engineer google cloud certified questions.by ayrton.q106.vce.pdf

106

2025-03-26

google.surepassexam.free professional-cloud-security-engineer questions attempt.by zachariah.q18.vce.pdf

2025-03-04

google.dumpsboss.changed professional-cloud-security-engineer exam questions.by nikolas.q35.vce.pdf

2025-04-01

google.certification-questions.online professional-cloud-security-engineer questions video.by blake.q142.vce.pdf