You need to perform a vulnerability scan for an App Engine app using Cloud Security Scanner.
Upon completion of the scan, the report is not producing the expected number of webpage results. The pages in the app with mouseover menus are missing from the report. Which action should you take to make sure the scan completes and captures the menu?

• A.Verify the Excluded URLs.
• B.Modify the scan schedule to return new results.
• C.Change the scan to include additional Starting URLs.
• D.Adjust the Google account on which the scan is running.

Comment: *

Name: *

Email: *

Verification: *

A company has redundant mail servers in different Google Cloud Platform regions and wants to route customers to the nearest mail server based on location.
How should the company accomplish this?

• A.Use Cloud CDN to route the mail traffic to the closest origin mail server based on client IP address.
• B.Use Cross-Region Load Balancing with an HTTP(S) load balancer to route traffic to the nearest region.
• C.Configure TCP Proxy Load Balancing as a global load balancing service listening on port 995.
• D.Create a Network Load Balancer to listen on TCP port 995 with a forwarding rule to forward traffic based on location.

Comment: *

Name: *

Email: *

Verification: *

A customer needs to prevent attackers from hijacking their domain/IP and redirecting users to a malicious site through a man-in-the-middle attack.
Which solution should this customer use?

• A.VPC Flow Logs
• B.Cloud Armor
• C.DNS Security Extensions
• D.Cloud Identity-Aware Proxy

Comment: *

Name: *

Email: *

Verification: *

Your team wants to centrally manage GCP IAM permissions from their on-premises Active Directory Service. Your team wants to manage permissions by AD group membership.
What should your team do to meet these requirements?

• A.Set up Cloud Directory Sync to sync groups, and set IAM permissions on the groups.
• B.Set up SAML 2.0 Single Sign-On (SSO), and assign IAM permissions to the groups.
• C.Use the Cloud Identity and Access Management API to create groups and IAM permissions from Active Directory.
• D.Use the Admin SDK to create groups and assign IAM permissions from Active Directory.

Comment: *

Name: *

Email: *

Verification: *

You are part of a security team that wants to ensure that a Cloud Storage bucket in Project A can only be readable from Project B.
You also want to ensure that data in the Cloud Storage bucket cannot be accessed from or copied to Cloud Storage buckets outside the network, even if the user has the correct credentials.
What should you do?

• A.Enable VPC Service Controls, create a perimeter with Project A and B, and include Cloud Storage service.
• B.Enable Domain Restricted Sharing Organization Policy and Bucket Policy Only on the Cloud Storage bucket.
• C.Enable Private Access in Project A and B networks with strict firewall rules to allow communication between the networks.
• D.Enable VPC Peering between Project A and B networks with strict firewall rules to allow communication between the networks.

Comment: *

Name: *

Email: *

Verification: *