Google pass4future google Cloud Certified Professional-cloud-security-engineer New Questions by Arley q142 vce pdf

Page: 15 / 18

Exam Name:	Google Cloud Certified - Professional Cloud Security Engineer
Exam Code:	Professional-Cloud-Security-Engineer Dumps
Vendor:	Google	Certification:	Google Cloud Certified
Questions:	249 Q&A's	Shared By:	arley

Question 60

Your organization uses Google Workspace Enterprise Edition tor authentication. You are concerned about employees leaving their laptops unattended for extended periods of time after authenticating into Google Cloud. You must prevent malicious people from using an employee's unattended laptop to modify their environment.

What should you do?

Options:

Create a policy that requires employees to not leave their sessions open for long durations.

Review and disable unnecessary Google Cloud APIs.

Require strong passwords and 2SV through a security token or Google authenticate.

Set the session length timeout for Google Cloud services to a shorter duration.

Discussion

Question 61

A customer terminates an engineer and needs to make sure the engineer's Google account is automatically deprovisioned.

What should the customer do?

Options:

Use the Cloud SDK with their directory service to remove their IAM permissions in Cloud Identity.

Use the Cloud SDK with their directory service to provision and deprovision users from Cloud Identity.

Configure Cloud Directory Sync with their directory service to provision and deprovision users from Cloud Identity.

Configure Cloud Directory Sync with their directory service to remove their IAM permissions in Cloud Identity.

Discussion

Question 62

Your organization s customers must scan and upload the contract and their driver license into a web portal in Cloud Storage. You must remove all personally identifiable information (Pll) from files that are older than 12 months. Also you must archive the anonymized files for retention purposes.

What should you do?

Options:

Set a time to live (TTL) of 12 months for the files in the Cloud Storage bucket that removes PH and moves the files to the archive storage class.

Create a Cloud Data Loss Prevention (DLP) inspection job that de-identifies Pll in files created more than 12 months ago and archives them to another Cloud Storage bucket. Delete the original files.

Schedule a Cloud Key Management Service (KMS) rotation period of 12 months for the encryption keys of the Cloud Storage files containing Pll to de-identify them Delete the original keys.

Configure the Autoclass feature of the Cloud Storage bucket to de-identify Pll Archive the files that are older than 12 months Delete the original files.

Discussion

Robin

Cramkey is highly recommended.

Jonah Oct 16, 2024

Definitely. If you're looking for a reliable and effective study resource, look no further than Cramkey Dumps. They're simply wonderful!

Stefan

Thank you so much Cramkey I passed my exam today due to your highly up to date dumps.

Ocean Aug 31, 2024

Agree….Cramkey Dumps are constantly updated based on changes in the exams. They also have a team of experts who regularly review the materials to ensure their accuracy and relevance. This way, you can be sure you're studying the most up-to-date information available.

Inaaya

Are these Dumps worth buying?

Fraser Oct 9, 2024

Yes, of course, they are necessary to pass the exam. They give you an insight into the types of questions that could come up and help you prepare effectively.

Sam

Can I get help from these dumps and their support team for preparing my exam?

Audrey Aug 29, 2024

Definitely, you won't regret it. They've helped so many people pass their exams and I'm sure they'll help you too. Good luck with your studies!

Lois

I passed my exam with wonderful score. Their dumps are 100% valid and I felt confident during the exam.

Ernie Oct 29, 2024

Absolutely. The best part is, the answers in the dumps were correct. So, I felt confident and well-prepared for the exam.

Question 63

You are developing a new application that uses exclusively Compute Engine VMs Once a day. this application will execute five different batch jobs Each of the batch jobs requires a dedicated set of permissions on Google Cloud resources outside of your application. You need to design a secure access concept for the batch jobs that adheres to the least-privilege principle

What should you do?

Options:

1. Create a general service account **g-sa" to execute the batch jobs.

• 2 Grant the permissions required to execute the batch jobs to g-sa.

• 3. Execute the batch jobs with the permissions granted to g-sa

1. Create a general service account "g-sa" to orchestrate the batch jobs.

• 2. Create one service account per batch job Mb-sa-[1-5]," and grant only the permissions required to run the individual batch jobs to the service accounts.

• 3. Grant the Service Account Token Creator role to g-sa Use g-sa to obtain short-lived access tokens for b-sa-[1-5] and to execute the batch jobs with the permissions of b-sa-[1-5].

1. Create a workload identity pool and configure workload identity pool providers for each batch job

• 2 Assign the workload identity user role to each of the identities configured in the providers.

• 3. Create one service account per batch job Mb-sa-[1-5]". and grant only the permissions required to run the individual batch jobs to the service accounts

• 4 Generate credential configuration files for each of the providers

• 1. Create a general service account "g-sa" to orchestrate the batch jobs.

• 2 Create one service account per batch job 'b-sa-[1-5)\ Grant only the permissions required to run the individual batch jobs to the service accounts and generate service account keys for each of these service accounts

• 3. Store the service account keys in Secret Manager. Grant g-sa access to Secret Manager and run the batch jobs with the permis

Discussion

Page: 15 / 18

Title

Questions

Posted

google.selftestengine.new release professional-cloud-security-engineer google cloud certified questions.by ayrton.q106.vce.pdf

106

2025-04-30

google.surepassexam.free professional-cloud-security-engineer questions attempt.by zachariah.q18.vce.pdf

2025-05-04

google.dumpsboss.changed professional-cloud-security-engineer exam questions.by nikolas.q35.vce.pdf