Free Google Professional-Cloud-Security-Engineer Exam Questions

Question 1

An employer wants to track how bonus compensations have changed over time to identify employee outliers

and correct earning disparities. This task must be performed without exposing the sensitive compensation data

for any individual and must be reversible to identify the outlier.

Which Cloud Data Loss Prevention API technique should you use to accomplish this?

A : Generalization

B : Redaction

C : CryptoHashConfig

D : CryptoReplaceFfxFpeConfig

Answer: D

Question 2

As a member of the security team for a Smart Home Automation company, what steps should you take to reduce the scope of systems subject to PCI audit standards in your GCP project that includes credit card payment processing systems, web applications, and data processing systems?

A : It is recommended to utilize VPN to establish connections between your office and cloud environments.

B : Separate the GCP project to house the cardholder data environment.

C : It is recommended to implement multi-factor authentication to secure the admin access to the web application.

D : Utilize solely PA-DSS compliant certified applications.

Answer: B

Question 3

You have just created a new log bucket to replace the _Default log bucket. You want to route all log entries that are currently routed to the _Default log bucket to this new log bucket in the most efficient manner. What should you do?

A : Create a user-defined sink with inclusion filters copied from the _Default sink. Select the new log bucket as the sink destination.

B : Create exclusion filters for the _Default sink to prevent it from receiving new logs. Create a userdefined sink, and select the new log bucket as the sink destination.

C : Disable the _Default sink. Create a user-defined sink and select the new log bucket as the sink destination.

D : Edit the _Default sink, and select the new log bucket as the sink destination.

Answer: D

Question 4

You have just created a new log bucket to replace the _Default log bucket. You want to route all log entries that are currently routed to the _Default log bucket to this new log bucket in the most efficient manner. What should you do?

A : Create a user-defined sink with inclusion filters copied from the _Default sink. Select the new log bucket as the sink destination.

B : Create exclusion filters for the _Default sink to prevent it from receiving new logs. Create a userdefined sink, and select the new log bucket as the sink destination.

C : Disable the _Default sink. Create a user-defined sink and select the new log bucket as the sink destination.

D : Edit the _Default sink, and select the new log bucket as the sink destination.

Answer: D

Question 5

You have just created a new log bucket to replace the _Default log bucket. You want to route all log entries that are currently routed to the _Default log bucket to this new log bucket in the most efficient manner. What should you do?

A : Create a user-defined sink with inclusion filters copied from the _Default sink. Select the new log bucket as the sink destination.

B : Create exclusion filters for the _Default sink to prevent it from receiving new logs. Create a userdefined sink, and select the new log bucket as the sink destination.

C : Disable the _Default sink. Create a user-defined sink and select the new log bucket as the sink destination.

D : Edit the _Default sink, and select the new log bucket as the sink destination.

Answer: D