Online Access Free Google.Professional-Cloud-Security-Engineer.v2024-11-26.q142 Practice Test (Page 27)

Professional-Cloud-Security-Engineer Exam Question 126

Your customer is moving their corporate applications to Google Cloud Platform. The security team wants detailed visibility of all resources in the organization. You use Resource Manager to set yourself up as the org admin. What Cloud Identity and Access Management (Cloud IAM) roles should you give to the security team?

A.Org viewer, Project owner

B.Org viewer, Project viewer

C.Org admin, Project browser

D.Project owner, Network admin

Professional-Cloud-Security-Engineer Exam Question 127

Your Security team believes that a former employee of your company gained unauthorized access to Google Cloud resources some time in the past 2 months by using a service account key. You need to confirm the unauthorized access and determine the user activity. What should you do?

A.Use the Logs Explorer to search for user activity.

B.Use Security Health Analytics to determine user activity.

C.Use the Cloud Monitoring console to filter audit logs by user.

D.Use the Cloud Data Loss Prevention API to query logs in Cloud Storage.

Professional-Cloud-Security-Engineer Exam Question 128

You want to evaluate GCP for PCI compliance. You need to identify Google's inherent controls.
Which document should you review to find the information?

A.PCI DSS Requirements and Security Assessment Procedures

B.Google Cloud Platform: Customer Responsibility Matrix

C.PCI SSC Cloud Computing Guidelines

D.Product documentation for Compute Engine

Professional-Cloud-Security-Engineer Exam Question 129

Which two security characteristics are related to the use of VPC peering to connect two VPC networks?
(Choose two.)

A.Central management of routes, firewalls, and VPNs for peered networks

B.Ability to share specific subnets across peered networks

C.Non-transitive peered networks; where only directly peered networks can communicate

D.Ability to peer networks that belong to different Google Cloud Platform organizations

E.Firewall rules that can be created with a tag from one peered network to another peered network

Professional-Cloud-Security-Engineer Exam Question 130

Your team needs to make sure that a Compute Engine instance does not have access to the internet or to any Google APIs or services.
Which two settings must remain disabled to meet these requirements? (Choose two.)

A.Public IP

B.IP Forwarding

C.Private Google Access

D.Static routes

E.IAM Network User Role

Other Version: 534Google.Professional-Cloud-Security-Engineer.v2026-02-09.q123; 726Google.Professional-Cloud-Security-Engineer.v2025-12-26.q111; 1213Google.Professional-Cloud-Security-Engineer.v2023-10-27.q86; 1264Google.Professional-Cloud-Security-Engineer.v2023-03-25.q71; 1068Google.Professional-Cloud-Security-Engineer.v2023-03-10.q59; 103Google.Actualtests4sure.Professional-Cloud-Security-Engineer.v2022-05-23.by.clare.108q.pdf; 2489Google.Professional-Cloud-Security-Engineer.v2022-05-10.q108; 2993Google.Professional-Cloud-Security-Engineer.v2021-10-23.q83; 134Google.Ipassleader.Professional-Cloud-Security-Engineer.v2021-09-16.by.winston.77q.pdf

Latest Upload: 148Oracle.1D0-1057-25-D.v2026-06-03.q29; 276NAHQ.CPHQ.v2026-06-03.q396; 256CompTIA.220-1201.v2026-06-03.q196; 158GIAC.GCFE.v2026-06-03.q78; 156HIMSS.CPHIMS.v2026-06-03.q45; 235Google.Professional-Cloud-Architect.v2026-06-03.q165; 161HP.HPE7-A09.v2026-06-02.q48; 171ACDIS.CCDS-O.v2026-06-02.q56; 152Microsoft.AB-730.v2026-06-02.q31; 228ASQ.CSSBB.v2026-06-02.q130

Professional-Cloud-Security-Engineer Exam Question 126

Professional-Cloud-Security-Engineer Exam Question 127

Professional-Cloud-Security-Engineer Exam Question 128

Professional-Cloud-Security-Engineer Exam Question 129

Professional-Cloud-Security-Engineer Exam Question 130

Download PDF File