EXAM CODE : Professional-Cloud-Security-Engineer UPDATION DATE : 2023-03-30 TOTAL QUESTIONS : 177 UPDATES : UPTO 3 MONTHS GUARANTEE : 100% PASSING GUARANTEE
Professional-Cloud-Security-Engineer exam has grabbed the interest of IT students with its rising need and importance in the field. In spite of being a hard core IT exam, it can easily be passed with the help of Professional-Cloud-Security-Engineer dumps material.This highly demanded and results-producing authentic dumps material can be obtained from Exam4help.com. When you will prepare under the guidance of veterans by using additional facilitating services, your certification is stamped with success.
As a favor to our students, we have availed free of cost demo version for quick quality check before going forward. You get here trust, find satisfaction and meet your success with expertly verified Professional-Cloud-Security-Engineer questions answer. You can download PDF study guide right now at very cheap and attractive price and pursue your career with fast pace. Further, it is the place where you get money back guarantee in case of, though not expected, unfortunate happening and you fail to get your desired result in your final exam. In short, you are promised for definite success with student-friendly preparatory solutions. Just join our hands and leap for your successful career.
ANSWER : D,E
You need to follow Google-recommended practices to leverage envelope encryption and encrypt data at the
application layer.
What should you do?
A. Generate a data encryption key (DEK) locally to encrypt the data, and generate a new key encryption key (KEK) in Cloud KMS to encrypt the DEK. Store both the encrypted data and the encrypted DEK.
B. Generate a data encryption key (DEK) locally to encrypt the data, and generate a new key encryption key (KEK) in Cloud KMS to encrypt the DEK. Store both the encrypted data and the KEK.
C. Generate a new data encryption key (DEK) in Cloud KMS to encrypt the data, and generate a key encryption key (KEK) locally to encrypt the key. Store both the encrypted data and the encrypted DEK.
D. Generate a new data encryption key (DEK) in Cloud KMS to encrypt the data, and generate a key encryption key (KEK) locally to encrypt the key. Store both the encrypted data and the KEK.
ANSWER : A
Your company runs a website that will store PII on Google Cloud Platform. To comply with data privacy
regulations, this data can only be stored for a specific amount of time and must be fully deleted after this
specific period. Data that has not yet reached the time period should not be deleted. You want to automate the process of complying with this regulation.
What should you do?
A. Store the data in a single Persistent Disk, and delete the disk at expiration time.
B. Store the data in a single BigQuery table and set the appropriate table expiration time.
C. Store the data in a single Cloud Storage bucket and configure the bucket’s Time to Live.
D. Store the data in a single BigTable table and set an expiration time on the column families.
ANSWER : B
Which international compliance standard provides guidelines for information security controls applicable to the provision and use of cloud services?
A. ISO 27001
B. ISO 27002
C. ISO 27017
D. ISO 27018
ANSWER : C
A website design company recently migrated all customer sites to App Engine. Some sites are still in progress
and should only be visible to customers and company employees from any location.
Which solution will restrict access to the in-progress sites?
A. Upload an .htaccess file containing the customer and employee user accounts to App Engine.
B. Create an App Engine firewall rule that allows access from the customer and employee networks and denies all other traffic.
C. Enable Cloud Identity-Aware Proxy (IAP), and allow access to a Google Group that contains the customer and employee user accounts.
D. Use Cloud VPN to create a VPN connection between the relevant on-premises networks and the company’s GCP Virtual Private Cloud (VPC) network.
ANSWER : C
