ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Network Engineer All Questions

View all questions & answers for the Professional Cloud Network Engineer exam
Go to Exam

Exam Professional Cloud Network Engineer topic 1 question 104 discussion

Actual exam question from Google's Professional Cloud Network Engineer
Question #: 104
Topic #: 1
[All Professional Cloud Network Engineer Questions]

You have a Cloud Storage bucket in Google Cloud project XYZ. The bucket contains sensitive data. You need to design a solution to ensure that only instances belonging to VPCs under project XYZ can access the data stored in this Cloud Storage bucket. What should you do?

  • A. Configure Private Google Access to privately access the Cloud Storage service using private IP addresses.
  • B. Configure a VPC Service Controls perimeter around project XYZ, and include storage.googleapis.com as a restricted service in the service perimeter.
  • C. Configure Cloud Storage with projectPrivate Access Control List (ACL) that gives permission to the project team based on their roles.
  • D. Configure Private Service Connect to privately access Cloud Storage from all VPCs under project XYZ.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by ccieman2016 at Dec. 2, 2022, 3:14 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
gonlafer
1 year ago
Selected Answer: B
https://cloud.google.com/vpc-service-controls/docs/supported-products
upvoted 1 times
...
didek1986
1 year, 6 months ago
Selected Answer: B
For sure B.
upvoted 1 times
...
Nilaela
1 year, 6 months ago
ACL is the finest way to give permission..I think it is C
upvoted 1 times
gcpengineer
1 year, 5 months ago
unfortunately not
upvoted 1 times
...
...
Ben756
1 year, 11 months ago
Selected Answer: B
The correct answer is B. Configure a VPC Service Controls perimeter around project XYZ, and include storage.googleapis.com as a restricted service in the service perimeter. By configuring a VPC Service Controls perimeter around project XYZ, you can create a secure boundary around the project and restrict access to Cloud Storage to only those instances that are within the VPCs under project XYZ. You can include storage.googleapis.com as a restricted service in the service perimeter, which will ensure that only authorized VPCs can access the Cloud Storage bucket containing sensitive data.
upvoted 1 times
...
SZON
1 year, 11 months ago
Selected Answer: B
Typical use case for mitigating the risk of data exfiltration
upvoted 1 times
...
pk349
2 years, 1 month ago
• B. Configure a VPC Service ***** Controls perimeter around project XYZ, and include storage.googleapis.com as a restricted service in the service perimeter. Overview of VPC Service Controls VPC Service Controls improves your ability to mitigate the risk of data exfiltration from Google Cloud services such as Cloud Storage and BigQuery. You can use VPC Service Controls to create perimeters that protect the resources and data of services that you explicitly specify. The following diagram shows a service perimeter that allows access from the internet to protected resources based on the configured access levels, such as IP address or device policy:
upvoted 2 times
...
al_zo
2 years, 2 months ago
Selected Answer: B
Agree on B. Typical use case of VPC Service Controls: https://cloud.google.com/vpc-service-controls/docs/overview
upvoted 3 times
...
playpacman
2 years, 2 months ago
I also vote for B, the others dont make sense
upvoted 3 times
...
ccieman2016
2 years, 2 months ago
Selected Answer: B
For me, B is correct. https://cloud.google.com/vpc/docs/private-access-options https://cloud.google.com/vpc/docs/configure-private-service-connect-apis
upvoted 4 times
AzureDP900
2 years, 2 months ago
Yes, I agree with B. other options doesn't make sense to me B. Configure a VPC Service Controls perimeter around project XYZ, and include storage.googleapis.com as a restricted service in the service perimeter.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel