Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Security Engineer Exam - Topic 4 Question 25 Discussion

You want to limit the images that can be used as the source for boot disks. These images will be stored in a dedicated project.What should you do?
B) Use the Organization Policy Service to create a compute.trustedimageProjects constraint on the organization level. List the trusted projects as the exceptions in a deny operation.
A) Use the Organization Policy Service to create a compute.trustedimageProjects constraint on the organization level. List the trusted project as the whitelist in an allow operation.
C) In Resource Manager, edit the project permissions for the trusted project. Add the organization as member with the role: Compute Image User.
D) In Resource Manager, edit the organization permissions. Add the project ID as member with the role: Compute Image User.

Google Professional Cloud Security Engineer Exam - Topic 4 Question 25 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 25
Topic #: 4
[All Professional Cloud Security Engineer Questions]

You want to limit the images that can be used as the source for boot disks. These images will be stored in a dedicated project.

What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: B

https://cloud.google.com/compute/docs/images/restricting-image-access

by Brock at May 05, 2022, 07:07 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Skye
7 months ago
Wait, can you really limit images like that? Sounds tricky!
upvoted 0 times
...
Hubert
7 months ago
D sounds complicated, but could work.
upvoted 0 times
...
Jesusa
8 months ago
C seems a bit off, not sure it addresses the issue.
upvoted 0 times
...
Precious
8 months ago
I think B makes more sense for denying access.
upvoted 0 times
...
Iluminada
8 months ago
A is definitely the way to go for whitelisting.
upvoted 0 times
...
Alonzo
8 months ago
I’m leaning towards option A, but I’m a bit confused about how the allow operation works in this context.
upvoted 0 times
...
Brock
8 months ago
I feel like editing project permissions could be a part of the solution, but it doesn't seem like the main focus of this question.
upvoted 0 times
...
Joni
8 months ago
I remember a similar question where we had to set constraints, and I think the whitelist option makes more sense for limiting images.
upvoted 0 times
...
Curtis
8 months ago
I think we need to use the Organization Policy Service, but I'm not sure if we should allow or deny the projects.
upvoted 0 times
...
Jamika
8 months ago
Okay, I've got a plan. I'll focus on isolating the iSCSI network, setting up access controls, and ensuring the solution meets the security policy. I think Option C might be the way to go.
upvoted 0 times
...
Detra
8 months ago
Okay, let me see. I know data category visibility and licensing are important, so I'll start there. Then I'll look for other configuration settings that are crucial for maintaining the knowledge base.
upvoted 0 times
...
Lajuana
8 months ago
I'm not totally sure, but "decrypted on delivery" seems off to me. I remember it being about how schedules work, maybe?
upvoted 0 times
...
Teddy
8 months ago
Hmm, I'm a bit unsure about this one. I'll have to think it through carefully. Could A, B, or D all be considered forms of outsourcing administration in the cloud?
upvoted 0 times
...
Detra
8 months ago
Hmm, I'm a bit unsure about the specifics of how to prioritize the management traffic here. I'll need to think through the different DSCP markings and queue mapping options carefully to make sure I select the right approach.
upvoted 0 times
...

Save Cancel