Your organization acquired a new workload. The Web and Application (App) servers will be running on Compute Engine in a newly created custom VPC. You are responsible for configuring a secure network communication solution that meets the following requirements:✑ Only allows communication between the Web and App tiers.✑ Enforces consistent network security when autoscaling the Web and App tiers.✑ Prevents Compute Engine Instance Admins from altering network traffic.What should you do?
You need to connect your organization's on-premises network with an existing Google Cloud environment that includes one Shared VPC with two subnets namedProduction and Non-Production. You are required to:✑ Use a private transport link.✑ Configure access to Google Cloud APIs through private API endpoints originating from on-premises environments.✑ Ensure that Google Cloud APIs are only consumed via VPC Service Controls.What should you do?
You are working with protected health information (PHI) for an electronic health record system. The privacy officer is concerned that sensitive data is stored in the analytics system. You are tasked with anonymizing the sensitive data in a way that is not reversible. Also, the anonymized data should not preserve the character set and length. Which Google Cloud solution should you use?
You are setting up a CI/CD pipeline to deploy containerized applications to your production clusters on Google Kubernetes Engine (GKE). You need to prevent containers with known vulnerabilities from being deployed. You have the following requirements for your solution:Must be cloud-native -✑ Must be cost-efficient✑ Minimize operational overheadHow should you accomplish this? (Choose two.)
Which type of load balancer should you use to maintain client IP by default while using the standard network tier?
Your team needs to make sure that a Compute Engine instance does not have access to the internet or to any Google APIs or services.Which two settings must remain disabled to meet these requirements? (Choose two.)
