Online Access Free Google.Professional-Cloud-Security-Engineer.v2024-11-26.q142 Practice Test (Page 21)

Professional-Cloud-Security-Engineer Exam Question 96

Your company runs a website that will store PII on Google Cloud Platform. To comply with data privacy regulations, this data can only be stored for a specific amount of time and must be fully deleted after this specific period. Data that has not yet reached the time period should not be deleted. You want to automate the process of complying with this regulation.
What should you do?

A.Store the data in a single Persistent Disk, and delete the disk at expiration time.

B.Store the data in a single BigQuery table and set the appropriate table expiration time.

C.Store the data in a Cloud Storage bucket, and configure the bucket's Object Lifecycle Management feature.

D.Store the data in a single BigTable table and set an expiration time on the column families.

Professional-Cloud-Security-Engineer Exam Question 97

You are a security administrator at your company. Per Google-recommended best practices, you implemented the domain restricted sharing organization policy to allow only required domains to access your projects. An engineering team is now reporting that users at an external partner outside your organization domain cannot be granted access to the resources in a project. How should you make an exception for your partner's domain while following the stated best practices?

A.Turn off the domain restriction sharing organization policy. Set the policy value to "Allow All."

B.Turn off the domain restricted sharing organization policy. Provide the external partners with the required permissions using Google's Identity and Access Management (IAM) service.

C.Turn off the domain restricted sharing organization policy. Add each partner's Google Workspace customer ID to a Google group, add the Google group as an exception under the organization policy, and then turn the policy back on.

D.Turn off the domain restricted sharing organization policy. Set the policy value to "Custom." Add each external partner's Cloud Identity or Google Workspace customer ID as an exception under the organization policy, and then turn the policy back on.

Professional-Cloud-Security-Engineer Exam Question 98

A customer is running an analytics workload on Google Cloud Platform (GCP) where Compute Engine instances are accessing data stored on Cloud Storage. Your team wants to make sure that this workload will not be able to access, or be accessed from, the internet.
Which two strategies should your team use to meet these requirements? (Choose two.)

A.Configure Private Google Access on the Compute Engine subnet

B.Avoid assigning public IP addresses to the Compute Engine cluster.

C.Make sure that the Compute Engine cluster is running on a separate subnet.

D.Turn off IP forwarding on the Compute Engine instances in the cluster.

E.Configure a Cloud NAT gateway.

Professional-Cloud-Security-Engineer Exam Question 99

A company migrated their entire data/center to Google Cloud Platform. It is running thousands of instances across multiple projects managed by different departments. You want to have a historical record of what was running in Google Cloud Platform at any point in time.
What should you do?

A.Use Forseti Security to automate inventory snapshots.

B.Use Resource Manager on the organization level.

C.Use Stackdriver to create a dashboard across all projects.

D.Use Security Command Center to view all assets across the organization.

Professional-Cloud-Security-Engineer Exam Question 100

You perform a security assessment on a customer architecture and discover that multiple VMs have public IP addresses. After providing a recommendation to remove the public IP addresses, you are told those VMs need to communicate to external sites as part of the customer's typical operations. What should you recommend to reduce the need for public IP addresses in your customer's VMs?

A.Google Cloud Armor

B.Cloud NAT

C.Cloud Router

D.Cloud VPN

Other Version: 570Google.Professional-Cloud-Security-Engineer.v2026-02-09.q123; 778Google.Professional-Cloud-Security-Engineer.v2025-12-26.q111; 1244Google.Professional-Cloud-Security-Engineer.v2023-10-27.q86; 1320Google.Professional-Cloud-Security-Engineer.v2023-03-25.q71; 1107Google.Professional-Cloud-Security-Engineer.v2023-03-10.q59; 103Google.Actualtests4sure.Professional-Cloud-Security-Engineer.v2022-05-23.by.clare.108q.pdf; 2531Google.Professional-Cloud-Security-Engineer.v2022-05-10.q108; 3020Google.Professional-Cloud-Security-Engineer.v2021-10-23.q83; 134Google.Ipassleader.Professional-Cloud-Security-Engineer.v2021-09-16.by.winston.77q.pdf

Latest Upload: 115Microsoft.AB-731.v2026-06-19.q23; 128IIA.IIA-CIA-Part2.v2026-06-19.q308; 125DAMA.MD-1220.v2026-06-19.q66; 125ISTQB.CT-AI.v2026-06-18.q68; 239IIA.IIA-CIA-Part3.v2026-06-17.q220; 165WGU.Introduction-to-IT.v2026-06-17.q67; 203CompTIA.220-1202.v2026-06-16.q110; 136TheInstitutes.CPCU-500.v2026-06-16.q25; 216ACAMS.CAMS7-CN.v2026-06-16.q170; 269CBIC.CIC.v2026-06-15.q123

Professional-Cloud-Security-Engineer Exam Question 96

Professional-Cloud-Security-Engineer Exam Question 97

Professional-Cloud-Security-Engineer Exam Question 98

Professional-Cloud-Security-Engineer Exam Question 99

Professional-Cloud-Security-Engineer Exam Question 100

Download PDF File