Professional-Cloud-Security-Engineer Exam Question 56
A customer implements Cloud Identity-Aware Proxy for their ERP system hosted on Compute Engine. Their security team wants to add a security layer so that the ERP systems only accept traffic from Cloud Identity- Aware Proxy.
What should the customer do to meet these requirements?
What should the customer do to meet these requirements?
Professional-Cloud-Security-Engineer Exam Question 57
Your team needs to configure their Google Cloud Platform (GCP) environment so they can centralize the control over networking resources like firewall rules, subnets, and routes. They also have an on-premises environment where resources need access back to the GCP resources through a private VPN connection. The networking resources will need to be controlled by the network security team.
Which type of networking design should your team use to meet these requirements?
Which type of networking design should your team use to meet these requirements?
Professional-Cloud-Security-Engineer Exam Question 58
You have noticed an increased number of phishing attacks across your enterprise user accounts. You want to implement the Google 2-Step Verification (2SV) option that uses a cryptographic signature to authenticate a user and verify the URL of the login page. Which Google 2SV option should you use?
Professional-Cloud-Security-Engineer Exam Question 59
You are the security admin of your company. You have 3,000 objects in your Cloud Storage bucket. You do not want to manage access to each object individually. You also do not want the uploader of an object to always have full control of the object. However, you want to use Cloud Audit Logs to manage access to your bucket.
What should you do?
What should you do?
Professional-Cloud-Security-Engineer Exam Question 60
You want to evaluate GCP for PCI compliance. You need to identify Google's inherent controls.
Which document should you review to find the information?
Which document should you review to find the information?