Free CLOUD-DIGITAL-LEADER Exam Braindumps (page: 37)

Page 37 of 104

How does a least privilege resource access model contribute to cloud security?

  1. Google is responsible for determining access to cloud resources.
  2. Employees may only access on-premises software with special permission.
  3. Only managers and other senior employees have cloud resource access.
  4. Employees only have access to the cloud resources necessary for their job.

Answer(s): D

Explanation:

This is the definition of a least privilege model.
A supporting principle that helps organizations achieve these goals is the principle of least privilege. The principle of least privilege addresses access control and states that an individual should have only the minimum access privileges necessary to perform a specific job or task and nothing more



You are working for a hospital that stores its medical images in an on-premises data room and it is provided that the hospitals want to use Cloud Storage for archival storage of these images. You are required to design and implement a solution where the hospital wants an automated process to up- load any new medical images to Cloud Storage. On the basis of this statements which of the follow- ing statement is correct.

  1. Create a Pub/Sub topic, and enable a Cloud Storage trigger for the Pub/Sub topic. Create an application that sends all medical images to the Pub/Sub topic.
  2. Create a script that uses the gsutil command line interface to synchronize the on-premises storage with Cloud Storage. Schedule the script as a cron job.
  3. In the Cloud Console, go to Cloud Storage. Upload the relevant images to the ap-propriate bucket.
  4. Deploy a Dataflow job from the batch template, "Datastore to Cloud Storage" Schedule the batch job on the desired interval.

Answer(s): B

Explanation:

Using sync for new images implies that you will continue to use your onprem and keep synchronizing it forever, Sync just once for the old images, new images go directly to google cloud via pub/sub, and eventually get rid of the onprem.



You are storing sensitive information in a Cloud Storage bucket. For legal reasons, you need to be able to record all requests that read any of the stored dat

  1. You want to make sure you comply with these requirements.
    What should you do?
  2. Scan the bucket using the Data Loss Prevention API.
  3. Enable Data Access audit logs for the Cloud Storage API.
  4. Enable the Identity Aware Proxy API on the project.
  5. Allow only a single Service Account access to read the data.

Answer(s): B

Explanation:

Logged information
Your Google Cloud projects contain only the audit logs for resources that are directly within the Cloud project. Other Google Cloud resources, such as folders, organizations, and billing accounts, contain the audit logs for the entity itself.

Reference link- https://cloud.google.com/storage/docs/audit-logging



Your client has an on-premises data center. Due to technical limitations, they are unable to scale globally. They have decided to adopt the public cloud. However, they don't want to locked into any one vendor and, therefore, would like to work with multiple cloud providers. They have used open source container technologies and would like to continue using them.

  1. Cloud Run which supports containers and can scale in a serverless fashion
  2. Kubernetes that runs containers as their core workloads
  3. AppEngine Flexible Environment which supports containers
  4. Anthos that runs containers as their core workloads

Answer(s): D

Explanation:

Anthos unifies the management of infrastructure and applications across on-premises, edge, and in multiple public clouds with a Google Cloud-backed control plane for consistent operation at scale.



Page 37 of 104



Post your Comments and Discuss Google CLOUD-DIGITAL-LEADER exam with other Community members:

Hemlata commented on December 20, 2024
Great content
INDIA
upvote

Hemlata commented on December 20, 2024
It is useful.
INDIA
upvote

Usman commented on December 10, 2024
It is a great collection but I have noticed that some answers are wrong. For example, it says that correct answer is B but the description of that answer matches with answer A. So it is advisable to read the answer's description as well.
Anonymous
upvote

Anand commented on December 06, 2024
Nice questions
UNITED STATES
upvote

Srinivas commented on December 04, 2024
Good collection of questions
UNITED STATES
upvote

AK commented on November 28, 2024
Are these enough?
UNITED STATES
upvote

Harish commented on November 18, 2024
It is very helpful to understand the GCP
Anonymous
upvote

Vidhi Mishra commented on October 25, 2024
Nice set of questions
Anonymous
upvote

Baghya commented on October 24, 2024
Yeh dumps use kiye aur exam mein pass ho gaya.
INDIA
upvote

Varma commented on October 24, 2024
Thanks team and Thanks to these dumps, I’ve never felt so confident about last-minute prep!
INDIA
upvote

Darko commented on October 24, 2024
Passed! let’s just say these dumps were the secret weapon.
EUROPEAN UNION
upvote

Machoo987 commented on October 24, 2024
Studying wasn’t working, so I turned to these dumps—best decision I made since pizza for breakfast!
UNITED STATES
upvote

Chandara commented on October 24, 2024
I passed with ease, and now I have to explain to my friends how ‘studying’ got me through. hahah
INDIA
upvote

Drew commented on October 24, 2024
Used these dumps, nailed the exam—now I’m basically a genius (or close enough).
Australia
upvote

Vidhi Mishra commented on October 24, 2024
Huge set of Cloud Dital leader exam
Anonymous
upvote

Learner commented on September 20, 2024
Nice coverage
Anonymous
upvote

vasavi commented on September 11, 2024
give me some more clarity
Anonymous
upvote

SB commented on July 18, 2024
good questions
Anonymous
upvote

Shiv commented on July 13, 2024
Good to see
Anonymous
upvote

Rinku commented on June 24, 2024
have a doubt in question 1
INDIA
upvote

Ranveer commented on July 26, 2023
Pass this exam 3 days ago. The PDF version and the Xengine App is quite useful.
SOUTH AFRICA
upvote

Karthik commented on October 12, 2023
nice question
Anonymous
upvote

EDITH NCUBE commented on July 25, 2023
answers are correct
SOUTH AFRICA
upvote

Karthik commented on October 12, 2023
Nice question
Anonymous
upvote

Arvind commented on September 16, 2023
question 40 is wrong and reference is also wrong(its aws). The ans should be Storage Transfer Service.
Anonymous
upvote

Lavanya commented on September 11, 2023
Nice info very useful
UNITED STATES
upvote

Aam Aadmi commented on August 11, 2023
Answer to question#60 doesnt look right, if organization needs serverless compute, it should be cloud function instead of compute engine
UNITED STATES
upvote

EDITH NCUBE commented on July 26, 2023
Question 60 is wrong. The answer should be C
SOUTH AFRICA
upvote

EDITH NCUBE commented on July 25, 2023
Answers are correct
SOUTH AFRICA
upvote

EDITH NCUBE commented on July 25, 2023
The answers seem correct
SOUTH AFRICA
upvote

JB commented on July 23, 2023
Good basic questions
Anonymous
upvote

Jaideep commented on July 14, 2023
good question
Anonymous
upvote

Rekha commented on May 24, 2023
Useful dump
Anonymous
upvote