Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Security Engineer Exam - Topic 1 Question 17 Discussion

A customer wants to deploy a large number of 3-tier web applications on Compute Engine.How should the customer ensure authenticated network separation between the different tiers of the application?
C) Run each tier in its own subnet, and use subnet-based firewall rules.
A) Run each tier in its own Project, and segregate using Project labels.
B) Run each tier with a different Service Account (SA), and use SA-based firewall rules.
D) Run each tier with its own VM tags, and use tag-based firewall rules.

Google Professional Cloud Security Engineer Exam - Topic 1 Question 17 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 17
Topic #: 1
[All Professional Cloud Security Engineer Questions]

A customer wants to deploy a large number of 3-tier web applications on Compute Engine.

How should the customer ensure authenticated network separation between the different tiers of the application?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Roxane at May 06, 2022, 10:29 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Valentine
7 months ago
Definitely leaning towards B, SA-based rules are solid!
upvoted 0 times
...
Cecilia
7 months ago
D is interesting, but I prefer the clarity of C.
upvoted 0 times
...
Lindsey
8 months ago
Surprised that A is even an option, doesn't seem secure enough.
upvoted 0 times
...
Cecilia
8 months ago
I think C makes more sense for network separation.
upvoted 0 times
...
Sunny
8 months ago
Option B is the best choice for security!
upvoted 0 times
...
Jeanice
8 months ago
Using VM tags sounds familiar, but I wonder if that would really enforce the separation we need between the application tiers.
upvoted 0 times
...
Phil
8 months ago
I practiced a question similar to this where project labels were involved, but I feel like that might not provide enough security for network separation.
upvoted 0 times
...
Tracey
8 months ago
I think running each tier in its own subnet could work, but I can't recall if there are any limitations with that approach.
upvoted 0 times
...
Amie
8 months ago
I remember something about using service accounts for authentication, but I'm not sure if that's the best way to separate the tiers.
upvoted 0 times
...
Malissa
8 months ago
Whew, this is a lot to cover in a single proposal. I'll need to be really concise and organized to make sure I hit all the key points. Maybe I'll create a simple outline first to ensure I don't miss anything critical. And I'll be sure to emphasize the most important factors based on the portfolio team's priorities.
upvoted 0 times
...
Lashon
8 months ago
Okay, I think I've got this. Download the updates, install the new kernel, and then update the boot loader to keep the original kernel as an option. Shouldn't be too difficult.
upvoted 0 times
...
Tamra
8 months ago
This is a straightforward SQL Server authentication question. I'll review the options and select the one that meets the security and compliance requirements stated in the question.
upvoted 0 times
...

Save Cancel