Professional-Cloud-Security-Engineer Exam Question 21

A company allows every employee to use Google Cloud Platform. Each department has a Google Group, with all department members as group members. If a department member creates a new project, all members of that department should automatically have read-only access to all new project resources. Members of any other department should not have access to the project. You need to configure this behavior.
What should you do to meet these requirements?
  • Professional-Cloud-Security-Engineer Exam Question 22

    A company is running workloads in a dedicated server room. They must only be accessed from within the private company network. You need to connect to these workloads from Compute Engine instances within a Google Cloud Platform project.
    Which two approaches can you take to meet the requirements? (Choose two.)
  • Professional-Cloud-Security-Engineer Exam Question 23

    How should a customer reliably deliver Stackdriver logs from GCP to their on-premises SIEM system?
  • Professional-Cloud-Security-Engineer Exam Question 24

    You are working with a client who plans to migrate their data to Google Cloud. You are responsible for recommending an encryption service to manage their encrypted keys. You have the following requirements:
    The master key must be rotated at least once every 45 days.
    The solution that stores the master key must be FIPS 140-2 Level 3 validated.
    The master key must be stored in multiple regions within the US for redundancy.
    Which solution meets these requirements?
  • Professional-Cloud-Security-Engineer Exam Question 25

    Employees at your company use their personal computers to access your organization s Google Cloud console. You need to ensure that users can only access the Google Cloud console from their corporate-issued devices and verify that they have a valid enterprise certificate What should you do?