You have a Google Cloud Platform account with access to both production and development projects. You need to create an
automated process to list all compute instances in development and production projects on a daily basis. What should you
do?
A
You need to create a Compute Engine instance in a new project that doesn’t exist yet. What should you do?
B
You have an object in a Cloud Storage bucket that you want to share with an external company. The object contains
sensitive data. You want access to the content to be removed after four hours. The external company does not have a
Google account to which you can grant specific user-based access privileges. You want to use the most secure method that
requires the fewest steps. What should you do?
A
Your auditor wants to view your organizations use of data in Google Cloud. The auditor is most interested in auditing who
accessed data in Cloud Storage buckets. You need to help the auditor access the data they need. What should you do?
D
Explanation:
Reference: https://cloud.google.com/storage/docs/audit-logging
You need to set up permissions for a set of Compute Engine instances to enable them to write data into a particular Cloud
Storage bucket. You want to follow Google-recommended practices. What should you do?
D
Your management has asked an external auditor to review all the resources in a specific project. The security team has
enabled the Organization Policy called Domain Restricted Sharing on the organization node by specifying only your Cloud
Identity domain. You want the auditor to only be able to view, but not modify, the resources in that project. What should you
do?
C
You are working for a hospital that stores its medical images in an on-premises data room. The hospital wants to use Cloud
Storage for archival storage of these images. The hospital wants an automated process to upload any new medical images
to Cloud Storage. You need to design and implement a solution. What should you do?
C
You significantly changed a complex Deployment Manager template and want to confirm that the dependencies of all defined
resources are properly met before committing it to the project. You want the most rapid feedback on your changes. What
should you do?
D
Explanation:
Reference: https://cloud.google.com/deployment-manager/docs/deployments/updating-deployments
You have sensitive data stored in three Cloud Storage buckets and have enabled data access logging. You want to verify
activities for a particular user for these buckets, using the fewest possible steps.
You need to verify the addition of metadata labels and which files have been viewed from those buckets. What should you
do?
A
You have an application that uses Cloud Spanner as a backend database. The application has a very predictable traffic
pattern. You want to automatically scale up or down the number of Spanner nodes depending on traffic. What should you
do?
D