- (Exam Topic 2)
You are storing sensitive information in a Cloud Storage bucket. For legal reasons, you need to be able to record all requests that read any of the stored data. You want to make sure you comply with these requirements. What should you do?
Correct Answer:
B
Logged information
Your Google Cloud projects contain only the audit logs for resources that are directly within the Cloud project. Other Google Cloud resources, such as folders, organizations, and billing accounts, contain the audit logs for the entity itself.
Graphical user interface, text, application Description automatically generated
Reference link- https://cloud.google.com/storage/docs/audit-logging
- (Exam Topic 1)
You want to build an application that will allow customers to register and login. It would be great to have the ability to secure it with multi-factor authentication and the ability to reset credentials. As a small startup, you want to build the main application as quickly as possible and have minimum overhead. Which might be a suitable option for you on Google Cloud?
Correct Answer:
D
Cloud Identity Platform
Cloud Identity Platform allows you to manage identity and credentials for your consumer-facing applications. So that's the right one in this case to use. "Identity Platform is a customer identity and access management (CIAM) platform that helps organizations add identity and access management functionality to their applications, protect user accounts, and scale with confidence on Google Cloud."
Reference link- https://cloud.google.com/identity-platform
- (Exam Topic 1)
Which Google Cloud product is designed to reduce the risks of handling personally identifiable information (PII)?
Correct Answer:
C
Reference:
https://cloud.google.com/blog/products/gcp/take-charge-of-your-sensitive-data-with-the-cloud-dlp-api
Cloud Data Loss Prevention: Fully managed service designed to help you discover, classify, and protect your most sensitive data.
- (Exam Topic 1)
Your application is onboarding a number of users. The details of the users very widely. What kind of database would be most suitable for this use case?
Correct Answer:
A
* 1. NoSQL databases are best suited for this use case. Firestore is an appropriate one to use here
* 2. Cloud Firestore is a NoSQL document database that lets you easily store, sync, and query data for your mobile and web apps - at global scale.
- (Exam Topic 1)
What are the key features of Google Cloud Identity.
Correct Answer:
D
Cloud Identity:
A unified identity, access, app, and endpoint management (IAM/EMM) platform.
- Give users easy access to apps with single sign-on.
- Multi-factor authentication protects user and company data.
- Endpoint management enforces policies for personal and corporate devices
KEY FEATURES :
Modernize IT and strengthen security Multi-factor authentication (MFA)
Help protect your user accounts and company data with a wide variety of MFA verification methods such as push notifications, Google Authenticator, phishing-resistant Titan Security Keys, and using your Android or iOS device as a security key.
Endpoint management
Improve your company’s device security posture on Android, iOS, and Windows devices using a unified console. Set up devices in minutes and keep your company data more secure with endpoint management. Enforce security policies, wipe company data, deploy apps, view reports, and export details.
Single sign-on (SSO)
Enable employees to work from virtually anywhere, on any device, with single sign-on to thousands of pre-integrated apps, both in the cloud and on-premises.
Works with your favorite apps
Cloud Identity integrates with hundreds of cloud applications out of the box—and we’re constantly adding more to the list so you can count on us to be your single identity platform today and in the future.