ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Developer All Questions

View all questions & answers for the Professional Cloud Developer exam
Go to Exam

Exam Professional Cloud Developer topic 1 question 342 discussion

Actual exam question from Google's Professional Cloud Developer
Question #: 342
Topic #: 1
[All Professional Cloud Developer Questions]

You are responsible for improving the security of your Cloud Run services to protect these services against supply chain threats. You need to ensure that there are adequate security controls such as SLSA Level 3 builds for container images and non-falsifiable provenance for container images by using Google Cloud tools. What should you do?

  • A. Ask developers to build container images locally and ensure strict version controls by using Container Registry.
  • B. Use Cloud Build to build container images. Configure a Binary Authorization policy on the Cloud Run job.
  • C. Use Cloud Deploy to generate authenticated and non-falsifiable build provenance for container images.
  • D. Use Cloud Build to build container images. Use Cloud Scheduler to automate delivery of your applications to a series of target environments in a defined sequence.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Laureatul at May 6, 2025, 12:54 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Pime13
3 weeks, 6 days ago
Selected Answer: B
https://cloud.google.com/run/docs/securing/view-security-insights https://cloud.google.com/software-supply-chain-security/docs/safeguard-builds https://cloud.google.com/build/docs/securing-builds/generate-validate-build-provenance
upvoted 1 times
...
Pime13
4 weeks ago
Selected Answer: B
https://cloud.google.com/build/docs/securing-builds/generate-validate-build-provenance Cloud Build supports the generation of build provenance that meets Supply-chain Levels for Software Artifacts (SLSA) level 3 assurance based on the specifications for SLSA version 0.1 and 1.0. https://cloud.google.com/run/docs/securing/binary-authorization https://cloud.google.com/binary-authorization/docs/run/overview
upvoted 1 times
...
Laureatul
3 months, 1 week ago
Selected Answer: C
Cloud Deploy is a fully managed deployment service that is tightly integrated with SLSA (Supply Chain Levels for Software Artifacts) and provides the necessary features for authenticated and non-falsifiable provenance. This is a critical requirement for securing your build process and meeting SLSA Level 3.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel