Security 2 Flashcards
What are the two tiers available for Cloud Armor?
a. Premium
b. Standard
c. Managed Protection Plus
d. Bonus Protection
Standard
Managed Protection Plus
Cloud Armor is a ________ and ________ service
a. Virus protection, Networking
b. DDOS protection, Web Application Firewall (WAF)
c. DDOS protection, WiFi
d. Storage management, Web Application Firewall (WAF)
DDOS protection, Web Application Firewall (WAF)
What is a malicious attempt to disrupt normal traffic by flooding a website with large amounts of fake traffic?
a DDoS (Distributed Denial of Service) Attack
What service allows you to package Google cloud resources into a service offering that can be then made available and discoverable in a catalog internally to your organization to quickly deploy governed stacks and workloads?
a. Cloud Identity
b. Private Catalog
c. IAM
d. Cloud Armor
b. Private Catalog
What does the Threat detection feature in Security Command Center do?
a. audits your cloud resources for security vulnerability
b. continuously scans for malicious attempts
c. inventory and historical information about your google cloud resources
d. fix security misconfiguration with single-click remediation
a. audits your cloud resources for security vulnerability
What does the “Asset discovery and inventory” feature in Security Command Center do?
a. audits your cloud resources for security vulnerability
b. collection of event logs for threat detection
c. provides inventory and historical information about your google cloud resources
d. fix security misconfiguration with single-click remediation
c. provides inventory and historical information about your google cloud resources
What is a centralized security and risk management platform for your google cloud resources?
Security Command Center
Birthday, government ID, full name, email address, mailing address are examples of …
a. Cloud Identity
b. Private Catalog
c. Personally identifiable information (PII)
d. Personally/Protected Health Information (PHI)
Personally identifiable information (PII)
What is any data that can be used to identify health information about a patient?
a. Personally identifiable information (PII)
b. Personally/Protected Health Information (PHI)
c. Cloud Identity
d. Security Command Center
Personally/Protected Health Information (PHI)
What is used to detect and protect sensitive information within GCP storage repositories?
Cloud Data Loss Prevention (DLP)
What are BeyondCorp’s principles? (Choose 3)
a. Access to services must not be determined by the network from which you connect
b. Access to services is granted based on contextual factors from the user and their device
c. Access to services related to storage and data is secondary
d. Access to services must be authenticated, authorized, and encrypted
a. Access to services must not be determined by the network from which you connect
b. Access to services is granted based on contextual factors from the user and their device
d. Access to services must be authenticated, authorized, and encrypted
What is NOT a feature of BeyondCorp?
a. access control policies
b. single sign-on
c. IP-based
d. access proxy
c. IP-based
What puts identity as the primary security perimeter to be protected?
A Zero Trust model
When creating an access policy, what attributes can you use to determine the level of access?
All of the options
Operating System
IP Address
Device Type
User Identity
All of the options
Access Context Manager keeps mobile workforces utilizing ________ secure.
Bring-Your-Own-Devices (BYOD)
Networking devices
On-premise infrastructure
Pay as you go Service (PAYG)
Bring-Your-Own-Devices (BYOD)
