Free CLOUD-DIGITAL-LEADER Exam Braindumps (page: 38)


How does a least privilege resource access model contribute to cloud security?

  1. Google is responsible for determining access to cloud resources.
  2. Employees may only access on-premises software with special permission.
  3. Only managers and other senior employees have cloud resource access.
  4. Employees only have access to the cloud resources necessary for their job.

Answer(s): D

Explanation:

This is the definition of a least privilege model.
A supporting principle that helps organizations achieve these goals is the principle of least privilege. The principle of least privilege addresses access control and states that an individual should have only the minimum access privileges necessary to perform a specific job or task, and nothing more.



You are working for a hospital that stores its medical images in an on-premises data room. The hospital wants to use Cloud Storage for archival storage of these images. You are required to design and implement a solution in which an automated process uploads any new medical images to Cloud Storage. Based on these statements, which of the following is correct?

  1. Create a Pub/Sub topic, and enable a Cloud Storage trigger for the Pub/Sub topic. Create an application that sends all medical images to the Pub/Sub topic.
  2. Create a script that uses the gsutil command line interface to synchronize the on-premises storage with Cloud Storage. Schedule the script as a cron job.
  3. In the Cloud Console, go to Cloud Storage. Upload the relevant images to the appropriate bucket.
  4. Deploy a Dataflow job from the batch template "Datastore to Cloud Storage". Schedule the batch job on the desired interval.

Answer(s): B

Explanation:

Using sync for new images implies that you will continue to use your on-prem storage and keep synchronizing it forever. Sync just once for the old images; new images go directly to Google Cloud via Pub/Sub, and eventually get rid of the on-prem storage.



You are storing sensitive information in a Cloud Storage bucket. For legal reasons, you need to be able to record all requests that read any of the stored data. You want to make sure you comply with these requirements. What should you do?

  1. Scan the bucket using the Data Loss Prevention API.
  2. Enable Data Access audit logs for the Cloud Storage API.
  3. Enable the Identity Aware Proxy API on the project.
  4. Allow only a single Service Account access to read the data.

Answer(s): B

Explanation:

Logged information
Your Google Cloud projects contain only the audit logs for resources that are directly within the Cloud project. Other Google Cloud resources, such as folders, organizations, and billing accounts, contain the audit logs for the entity itself.

Reference link: https://cloud.google.com/storage/docs/audit-logging



Your client has an on-premises data center. Due to technical limitations, they are unable to scale globally. They have decided to adopt the public cloud. However, they don't want to be locked into any one vendor and, therefore, would like to work with multiple cloud providers. They have used open source container technologies and would like to continue using them.

  1. Cloud Run which supports containers and can scale in a serverless fashion
  2. Kubernetes that runs containers as their core workloads
  3. App Engine Flexible Environment which supports containers
  4. Anthos that runs containers as their core workloads

Answer(s): D

Explanation:

Anthos unifies the management of infrastructure and applications across on-premises, edge, and in multiple public clouds with a Google Cloud-backed control plane for consistent operation at scale.





