Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Exam Professional Cloud Security Engineer Topic 2 Question 97 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 97
Topic #: 2
[All Professional Cloud Security Engineer Questions]

An organization's typical network and security review consists of analyzing application transit routes, request handling, and firewall rules. They want to enable their developer teams to deploy new applications without the overhead of this full review.

How should you advise this organization?

Show Suggested Answer Hide Answer
Suggested Answer: C, D

https://cloud.google.com/confidential-computing/confidential-vm/docs/creating-cvm-instance#considerations

Confidential VM does not support live migration. You can only enable Confidential Computing on a VM when you first create the instance. https://cloud.google.com/confidential-computing/confidential-vm/docs/creating-cvm-instance


by Nydia at Jan 23, 2025, 11:17 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Brynn
15 days ago
Option B all the way! Enforcing policies through code is the way to go. Plus, it's a great way to keep the developers on their toes. I bet they'll be writing the most secure code ever. Or, you know, just finding creative ways to bypass the rules. Either way, it's a win-win!
upvoted 0 times
...
Mira
18 days ago
Forseti with Firewall filters? Sounds like a bunch of tech-y mumbo jumbo to me. I'm just going to go with whatever option has the least amount of work for the developers. They're the ones who have to deal with this stuff, right?
upvoted 0 times
Olga
1 days ago
B) Mandate use of infrastructure as code and provide static analysis in the CI/CD pipelines to enforce policies.
upvoted 0 times
...
Krissy
3 days ago
A) Use Forseti with Firewall filters to catch any unwanted configurations in production.
upvoted 0 times
...
...
Linn
1 months ago
Allowing developers free rein in GCP as their dev and QA platforms? That's a recipe for disaster! I can't believe that's even an option. On-premises all the way, baby!
upvoted 0 times
Beckie
2 days ago
Allowing developers free rein in GCP as their dev and QA platforms? That's a recipe for disaster! I can't believe that's even an option. On-premises all the way, baby!
upvoted 0 times
...
Edna
8 days ago
B) Mandate use of infrastructure as code and provide static analysis in the CI/CD pipelines to enforce policies.
upvoted 0 times
...
Lashawn
21 days ago
A) Use Forseti with Firewall filters to catch any unwanted configurations in production.
upvoted 0 times
...
...
Annabelle
2 months ago
I'm not sure about routing all VPC traffic through customer-managed routers. That sounds like a lot of overhead and complexity just to detect malicious patterns. I'd go with the infrastructure as code approach.
upvoted 0 times
Billye
1 months ago
B) Mandate use of infrastructure as code and provide static analysis in the CI/CD pipelines to enforce policies.
upvoted 0 times
...
Darci
1 months ago
A) Use Forseti with Firewall filters to catch any unwanted configurations in production.
upvoted 0 times
...
...
Pearline
2 months ago
Option B seems like a solid choice. Enforcing policies through static analysis in the CI/CD pipeline is a great way to ensure security without slowing down the developers.
upvoted 0 times
Tricia
8 days ago
User 4: Using infrastructure as code can definitely streamline the process.
upvoted 0 times
...
Emogene
26 days ago
User 3: It's important to maintain security without hindering the developers' workflow.
upvoted 0 times
...
Brett
1 months ago
User 2: I agree, enforcing policies through static analysis in the CI/CD pipeline is efficient.
upvoted 0 times
...
Trinidad
1 months ago
User 1: Option B seems like a solid choice.
upvoted 0 times
...
...
Brock
2 months ago
I see both points, but I think option B is more practical for enabling developer teams to deploy new applications without full review.
upvoted 0 times
...
Madalyn
2 months ago
I disagree, I believe option A is more effective. Forseti with Firewall filters can catch any unwanted configurations in production.
upvoted 0 times
...
Sanjuana
2 months ago
I think option B is the best choice. It ensures security policies are enforced during deployment.
upvoted 0 times
...

Save Cancel