Online Access Free Google.Professional-Cloud-Security-Engineer.v2024-11-26.q142 Practice Test (Page 22)

Professional-Cloud-Security-Engineer Exam Question 101

You want to evaluate GCP for PCI compliance. You need to identify Google's inherent controls.
Which document should you review to find the information?

A.Google Cloud Platform: Customer Responsibility Matrix

B.PCI DSS Requirements and Security Assessment Procedures

C.PCI SSC Cloud Computing Guidelines

D.Product documentation for Compute Engine

Professional-Cloud-Security-Engineer Exam Question 102

You want to limit the images that can be used as the source for boot disks. These images will be stored in a dedicated project.
What should you do?

A.Use the Organization Policy Service to create a compute.trustedimageProjects constraint on the organization level. List the trusted project as the whitelist in an allow operation.

B.Use the Organization Policy Service to create a compute.trustedimageProjects constraint on the organization level. List the trusted projects as the exceptions in a deny operation.

C.In Resource Manager, edit the project permissions for the trusted project. Add the organization as member with the role: Compute Image User.

D.In Resource Manager, edit the organization permissions. Add the project ID as member with the role: Compute Image User.

Professional-Cloud-Security-Engineer Exam Question 103

A company's application is deployed with a user-managed Service Account key. You want to use Google- recommended practices to rotate the key.
What should you do?

A.Open Cloud Shell and run gcloud iam service-accounts enable-auto-rotate --iam- account=IAM_ACCOUNT.

B.Open Cloud Shell and run gcloud iam service-accounts keys rotate --iam- account=IAM_ACCOUNT
--key=NEW_KEY.

C.Create a new key, and use the new key in the application. Delete the old key from the Service Account.

D.Create a new key, and use the new key in the application. Store the old key on the system as a backup key.

Professional-Cloud-Security-Engineer Exam Question 104

You will create a new Service Account that should be able to list the Compute Engine instances in the project.
You want to follow Google-recommended practices.
What should you do?

A.Create an Instance Template, and allow the Service Account Read Only access for the Compute Engine Access Scope.

B.Create a custom role with the permission compute.instances.list and grant the Service Account this role.

C.Give the Service Account the role of Compute Viewer, and use the new Service Account for all instances.

D.Give the Service Account the role of Project Viewer, and use the new Service Account for all instances.

Professional-Cloud-Security-Engineer Exam Question 105

Your company's new CEO recently sold two of the company's divisions. Your Director asks you to help migrate the Google Cloud projects associated with those divisions to a new organization node. Which preparation steps are necessary before this migration occurs? (Choose two.)

A.Remove all project-level custom Identity and Access Management (1AM) roles.

B.Disallow inheritance of organization policies.

C.Identify inherited Identity and Access Management (1AM) roles on projects to be migrated.

D.Create a new folder for all projects to be migrated.

E.Remove the specific migration projects from any VPC Service Controls perimeters and bridges.

Other Version: 551Google.Professional-Cloud-Security-Engineer.v2026-02-09.q123; 760Google.Professional-Cloud-Security-Engineer.v2025-12-26.q111; 1236Google.Professional-Cloud-Security-Engineer.v2023-10-27.q86; 1297Google.Professional-Cloud-Security-Engineer.v2023-03-25.q71; 1091Google.Professional-Cloud-Security-Engineer.v2023-03-10.q59; 103Google.Actualtests4sure.Professional-Cloud-Security-Engineer.v2022-05-23.by.clare.108q.pdf; 2512Google.Professional-Cloud-Security-Engineer.v2022-05-10.q108; 3003Google.Professional-Cloud-Security-Engineer.v2021-10-23.q83; 134Google.Ipassleader.Professional-Cloud-Security-Engineer.v2021-09-16.by.winston.77q.pdf

Latest Upload: 144CrowdStrike.CCSE-204.v2026-06-12.q25; 166VMware.2V0-17.25.v2026-06-12.q49; 160Appian.ACA-100.v2026-06-11.q23; 212CompTIA.220-1202.v2026-06-11.q114; 171CheckPoint.156-590.v2026-06-11.q47; 231CompTIA.220-1202.v2026-06-10.q109; 214CertiProf.CEHPC.v2026-06-10.q54; 154Hitachi.HQT-4160.v2026-06-10.q25; 411PMI.PMI-ACP-CN.v2026-06-09.q453; 195Splunk.SPLK-5002.v2026-06-08.q52

Professional-Cloud-Security-Engineer Exam Question 101

Professional-Cloud-Security-Engineer Exam Question 102

Professional-Cloud-Security-Engineer Exam Question 103

Professional-Cloud-Security-Engineer Exam Question 104

Professional-Cloud-Security-Engineer Exam Question 105

Download PDF File