Managing Security in Google Cloud (Week 1 - 4) complete course is currently being offered by Google Cloud through Coursera platform. 

Managing Security in Google Cloud (Week 1 - 4) Quiz Answers - Coursera!

Managing Security in Google Cloud Week 1 Quiz Answers - Coursera!

Foundations of Google Cloud Security

Question 1) Which ONE of the following statements is TRUE concerning Google’s built-in security measures?
  • Only Google-managed encryption keys are allowed to be used within Google Cloud.
  • To guard against phishing attacks, all Google employee accounts require the use of U2F compatible security keys.
  • An organization’s on-premises resources are not allowed to connect to Google Cloud in order to lower the risk of DDoS attacks.
  • Customers always have the option to configure their instances to encrypt all of their data while it is “at rest” within Google Cloud.

Question 2) Which TWO of the following statements are TRUE regarding regulatory compliance on Google Cloud?
  • Google has no plans at this time to expand its already-extensive portfolio of regulatory compliance certifications.
  • Google’s Cloud products regularly undergo independent verification of security, privacy, and compliance controls.
  • Proper configuration of encryption and firewalls is not the only requirement for achieving regulatory compliance.
  • Contacting your regulatory compliance certification agency is the only way to find out whether Google currently supports that particular standard.

Question 3) Which TWO of the following statements are TRUE regarding Google’s ability to protect its customers from DoS attacks?
  • Google Front End can detect when an attack is taking place and can drop or throttle traffic associated with that attack.
  • A single Google data center has many times the bandwidth of even a large DoS attack, enabling it to simply absorb the extra load.
  • Application-aware defense is not currently supported on Google Cloud, although support for this is planned in the very near future.

Coursera - Managing Security in Google Cloud Week 2 Quiz Answers

Cloud Identity

Question 1) Which of the following statements is TRUE for the use of Cloud Identity?
  • Cloud Identity can work with any domain name that is able to receive email.
  • Your organization must use Google Workspace services in order to use Cloud Identity.
  • A Google Workspace or Cloud Identity account can be associated with more than one Organization.
  • You cannot use both Cloud Identity and Google Workspace services to manage your users across your domain.

Question 2) The main purpose of Google Cloud Directory Sync is to: (choose ONE option below)
  • Completely replace an Active Directory or LDAP service.
  • Help simplify provisioning and de-provisioning user accounts.
  • Enable two-way data synchronization between Google Cloud and AD/LDAP accounts.

Question 3) Which TWO of the following are considered authentication “best practices?”
  • You should have no more than three Organization admins.
  • Avoid managing permissions on an individual user basis where possible.
  • Requiring 2-Step Verification (2SV) is only recommended for super-admin accounts.
  • Organization Admins should never remove the default organization-level permissions from users after account creation.

Managing Security in Google Cloud Week 3 Quiz Answers

Cloud Identity and Access Management (Cloud IAM)

Question 1) Which FOUR of the following are Cloud IAM Objects that can be used to organize resources in Google Cloud?
  • Role
  • Container
  • Instance
  • Member
  • Bucket
  • Organization
  • Folder

Question 2) Projects in Google Cloud provide many management-related features, including the ability to (choose TWO below…)
  • Track and manage quota usage.
  • Balance server load between different Projects.
  • Selectively enable specific services and APIs.
  • Keep on-prem AD/LDAP accounts synced up with user’s Google Cloud resources.

Question 3) Which TWO of the following statements about Cloud IAM Policies is TRUE?
  • VPCs for Isolation and Security
  • A Policy binding binds a list of members to a role.
  • An organization policy can only be applied to the organization node.
  • A policy is a collection of access statements attached to a resource.
  • A less restrictive parent policy will not override a more restrictive child resource policy.

Managing Security in Google Cloud Week 4 Quiz Answers - Coursera!

VPCs for Isolation and Security

Question 1) Which TWO of the following statements about VPCs is TRUE?
  • VPC firewall rules in Google Cloud are global in scope.
  • Every VPC network functions as a distributed firewall where firewall rules are defined at the network level.
  • Google Cloud Firewall allow rules by default only affect traffic flowing in one direction.
  • A connection is considered active if it has at least one packet sent over a one hour period.

Question 2) Which THREE of the following are firewall rule parameters?
  • Project
  • Direction
  • IP Address
  • Source
  • Organization
  • Action
  • Timestamp

Question 3) Which ONE of the following statements is TRUE when discussing the SSL capabilities of Google Cloud Load Balancer?
  • Google Cloud Load Balancers require, and will only accept, a Google-managed SSL Cert.
  • The Google-managed profile, COMPATIBLE, allows clients which support out-of-date SSL features.
  • If no SSL policy is set, the SSL policy is automatically set to the most constrained policy, which is RESTRICTED.
  • You must use one of the 3 pre-configured “Google-managed profiles” to specify the level of compatibility appropriate for your application.

Post a Comment

Previous Post Next Post