Cloud Smog
  • ホーム
  • 模擬問題集
    • Amazon Web Services
    • Google Cloud Platform
    • Google for Education
  • トライヤル試験
  • プライバシーポリシー
  • はじめに
問題集を購入する
2020年12月28日

Professional Cloud Security Engineer Practice Exam (2020.07.02)

Professional Cloud Security Engineer Practice Exam (2020.07.02)
2020年12月28日

Google Cloud Certified – Professional Cloud Security Engineer – Practice Exam (Question 40)


QUESTION 1

A customer deployed an application on Google Compute Engine that takes advantage of the elastic nature of cloud computing.
How can you work with Infrastructure Operations Engineers to best ensure that Windows Google Compute Engine VMs are up to date with all the latest OS patches?

  • A. Federate a Domain Controller into Google Compute Engine, and roll out weekly patches via Group Policy Object.
  • B. Use Deployment Manager to provision updated VMs into new serving Instance Groups (IGs).
  • C. Reboot all VMs during the weekly maintenance window and allow the StartUp Script to download the latest patches from the internet.
  • D. Build new base images when patches are available, and use a CI/CD pipeline to rebuild VMs, deploying incrementally.

Correct Answer: C


QUESTION 2

You are part of a security team investigating a compromised service account key.
You need to audit which new resources were created by the service account.
What should you do?

  • A. Query Data Access logs.
  • B. Query Admin Activity logs.
  • C. Query Access Transparency logs.
  • D. Query Stackdriver Monitoring Workspace.

Correct Answer: A

Reference contents:
– Audit logs for service accounts | Cloud IAM Documentation


QUESTION 3

A customer wants to run a batch processing system on VMs and store the output files in a Google Cloud Storage bucket.
The networking and security teams have decided that no VMs may reach the public internet.
How should this be accomplished?

  • A. Mount a Google Cloud Storage bucket as a local filesystem on every VM.
  • B. Provision a NAT Gateway to access the Google Cloud Storage API endpoint.
  • C. Enable Private Google Access on the VPC.
  • D. Create a firewall rule to block internet traffic from the VM.
TO SEE THE REST OF THIS …
前の記事DevOps エンジニア – プロフェッショナル 模擬問題集(2020.08.12)次の記事 Professional Cloud Security Engineer 模擬問題集(2020.07.02)[GCP] Google Cloud Certified - Professional Security Engineer

Google Cloud 模擬問題集

AWS 模擬問題集

Google for Education 模擬問題集

Tags

Associate Cloud Engineer (19) DevOps Engineer - Professional (2) Google Cloud Digital Leader (10) Google 認定教育者 (10) Professional Cloud Architect (18) Professional Cloud Database Engineer (2) Professional Cloud Developer (12) Professional Cloud DevOps Engineer (6) Professional Cloud Network Engineer (7) Professional Cloud Security Engineer (8) Professional Data Engineer (19) Professional Google Workspace Administrator (8) Professional Machine Learning Engineer (2) Solutions Architect Associate (2) Trainer Skills Assessment (4)
© 2020 CloudSmog .