Online Access Free Google.Professional-Cloud-Security-Engineer.v2023-03-10.q59 Practice Test (Page 13)

Professional-Cloud-Security-Engineer Exam Question 56

In order to meet PCI DSS requirements, a customer wants to ensure that all outbound traffic is authorized.
Which two cloud offerings meet this requirement without additional compensating controls? (Choose two.)

A.App Engine

B.Cloud Functions

C.Compute Engine

D.Google Kubernetes Engine

E.Cloud Storage

Professional-Cloud-Security-Engineer Exam Question 57

You want to make sure that your organization's Cloud Storage buckets cannot have data publicly available to the internet. You want to enforce this across all Cloud Storage buckets. What should you do?

A.Configure uniform bucket-level access, and enforce domain restricted sharing in an organization policy.

B.Remove Owner roles from end users, and configure Cloud Data Loss Prevention.

C.Remove *.setIamPolicy permissions from all roles, and enforce domain restricted sharing in an organization policy.

D.Remove Owner roles from end users, and enforce domain restricted sharing in an organization policy.

Professional-Cloud-Security-Engineer Exam Question 58

You are on your company's development team. You noticed that your web application hosted in staging on GKE dynamically includes user data in web pages without first properly validating the inputted dat a. This could allow an attacker to execute gibberish commands and display arbitrary content in a victim user's browser in a production environment.
How should you prevent and fix this vulnerability?

A.Use Cloud IAP based on IP address or end-user device attributes to prevent and fix the vulnerability.

B.Set up an HTTPS load balancer, and then use Cloud Armor for the production environment to prevent the potential XSS attack.

C.Use Web Security Scanner to validate the usage of an outdated library in the code, and then use a secured version of the included library.

D.Use Web Security Scanner in staging to simulate an XSS injection attack, and then use a templating system that supports contextual auto-escaping.

Professional-Cloud-Security-Engineer Exam Question 59

An organization's typical network and security review consists of analyzing application transit routes, request handling, and firewall rules. They want to enable their developer teams to deploy new applications without the overhead of this full review.
How should you advise this organization?

A.Mandate use of infrastructure as code and provide static analysis in the CI/CD pipelines to enforce policies.

B.Route all VPC traffic through customer-managed routers to detect malicious patterns in production.

C.All production applications will run on-premises. Allow developers free rein in GCP as their dev and QA platforms.

D.Use Forseti with Firewall filters to catch any unwanted configurations in production.

Other Version: 568Google.Professional-Cloud-Security-Engineer.v2026-02-09.q123; 778Google.Professional-Cloud-Security-Engineer.v2025-12-26.q111; 1240Google.Professional-Cloud-Security-Engineer.v2024-11-26.q142; 1244Google.Professional-Cloud-Security-Engineer.v2023-10-27.q86; 1320Google.Professional-Cloud-Security-Engineer.v2023-03-25.q71; 103Google.Actualtests4sure.Professional-Cloud-Security-Engineer.v2022-05-23.by.clare.108q.pdf; 2530Google.Professional-Cloud-Security-Engineer.v2022-05-10.q108; 3020Google.Professional-Cloud-Security-Engineer.v2021-10-23.q83; 134Google.Ipassleader.Professional-Cloud-Security-Engineer.v2021-09-16.by.winston.77q.pdf

Latest Upload: 125ISTQB.CT-AI.v2026-06-18.q68; 237IIA.IIA-CIA-Part3.v2026-06-17.q220; 164WGU.Introduction-to-IT.v2026-06-17.q67; 203CompTIA.220-1202.v2026-06-16.q110; 135TheInstitutes.CPCU-500.v2026-06-16.q25; 216ACAMS.CAMS7-CN.v2026-06-16.q170; 262CBIC.CIC.v2026-06-15.q123; 152Peoplecert.ITIL-4-Specialist-High-velocity-IT.v2026-06-15.q16; 264HashiCorp.Terraform-Associate-004.v2026-06-15.q126; 159Peoplecert.ITILFNDv5.v2026-06-15.q26

Professional-Cloud-Security-Engineer Exam Question 56

Professional-Cloud-Security-Engineer Exam Question 57

Professional-Cloud-Security-Engineer Exam Question 58

Professional-Cloud-Security-Engineer Exam Question 59

Download PDF File