Free Access Google.Professional-Cloud-Security-Engineer.v2022-10-17.q111 Practice Test (Page 14)

Question 61

A company is deploying their application on Google Cloud Platform. Company policy requires long-term data to be stored using a solution that can automatically replicate data over at least two geographic places.
Which Storage solution are they allowed to use?

A.Cloud Bigtable

B.Compute Engine Persistent Disk

C.Cloud BigQuery

D.Compute Engine SSD Disk

Question 62

Your company runs a website that will store PII on Google Cloud Platform. To comply with data privacy regulations, this data can only be stored for a specific amount of time and must be fully deleted after this specific period. Data that has not yet reached the time period should not be deleted. You want to automate the process of complying with this regulation.
What should you do?

A.Store the data in a single BigTable table and set an expiration time on the column families.

B.Store the data in a single Persistent Disk, and delete the disk at expiration time.

C.Store the data in a single Cloud Storage bucket and configure the bucket's Time to Live.

D.Store the data in a single BigQuery table and set the appropriate table expiration time.

Question 63

A customer has 300 engineers. The company wants to grant different levels of access and efficiently manage IAM permissions between users in the development and production environment projects.
Which two steps should the company take to meet these requirements? (Choose two.)

A.Create a project with multiple VPC networks for each environment.

B.Create projects for each environment, and grant IAM rights to each engineering user.

C.Create an Organizational Policy constraint for each folder environment.

D.Create a Google Group for the Engineering team, and assign permissions at the folder level.

E.Create a folder for each development and production environment.

Question 64

While migrating your organization's infrastructure to GCP, a large number of users will need to access GCP Console. The Identity Management team already has a well-established way to manage your users and want to keep using your existing Active Directory or LDAP server along with the existing SSO password.
What should you do?

A.Manually synchronize the data in Google domain with your existing Active Directory or LDAP server.

B.Use Google Cloud Directory Sync to synchronize the data in Google domain with your existing Active Directory or LDAP server.

C.Users sign in directly to the GCP Console using the credentials from your on-premises Kerberos compliant identity provider.

D.Users sign in using OpenID (OIDC) compatible IdP, receive an authentication token, then use that token to log in to the GCP Console.

Question 65

Your team needs to make sure that a Compute Engine instance does not have access to the internet or to any Google APIs or services.
Which two settings must remain disabled to meet these requirements? (Choose two.)

A.Public IP

B.IP Forwarding

C.Private Google Access

D.Static routes

E.IAM Network User Role

Other Version: 2384Google.Professional-Cloud-Security-Engineer.v2022-08-22.q116; 2432Google.Professional-Cloud-Security-Engineer.v2022-01-23.q100

Latest Upload: 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 162TheSecOpsGroup.CNSP.v2025-09-08.q20; 221CFAInstitute.ESG-Investing.v2025-09-08.q173; 155PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 145Salesforce.Data-Architect.v2025-09-05.q216; 139Adobe.AD0-E605.v2025-09-05.q50; 184Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 114Oracle.1z0-591.v2025-09-05.q104

Question 61

Question 62

Question 63

Question 64

Question 65

Download PDF File