Your company has a single sign-on (SSO) identity provider that supports Security Assertion Markup Language (SAML) integration with service providers. Your company has users in Cloud Identity. You would like users to authenticate using your company's SSO provider. What should you do?

• A.Obtain OAuth 2.0 credentials, configure the user consent screen, and set up OAuth 2.0 for Mobile & Desktop Apps.
• B.Obtain OAuth 2.0 credentials, configure the user consent screen, and set up OAuth 2.0 for Web Server Applications.
• C.In Cloud Identity, set up SSO with a third-party identity provider with Google as a service provider.
• D.In Cloud Identity, set up SSO with Google as an identity provider to access custom SAML apps.

Comment: *

Name: *

Email: *

Verification: *

You are building an architecture for one of your client with a requirement of streaming millions of requests with high availability and durability along with HIPPA compliance. Which managed service will you prefer?

• A.Cloud Pub/Sub
• B.Cloud Function
• C.Cloud DataProc
• D.RabbitMQ

Comment: *

Name: *

Email: *

Verification: *

The core business of your company is to rent out construction equipment at a large scale. All the equipment that is being rented out has been equipped with multiple sensors that send event information every few seconds. These signals can vary from engine status, distance traveled, fuel level, and more. Customers are billed based on the consumption monitored by these sensors. You expect high throughput - up to thousands of events per hour per device - and need to retrieve consistent data based on the time of the event. Storing and retrieving individual signals should be atomic. What should you do?

• A.Ingest the data into Cloud Bigtable. Create a row key based on the event timestamp.
• B.Ingest the data into Datastore. Store data in an entity group based on the device.
• C.Create a file in Cloud Filestore per device and append new data to that file.
• D.Create a file in Cloud Storage per device and append new data to that file.

Comment: *

Name: *

Email: *

Verification: *

A colleague handed over a Google Cloud Platform project for you to maintain. As part of a security checkup, you want to review who has been granted the Project Owner role. What should you do?

• A.In the console, validate which SSH keys have been stored as project-wide keys.
• B.Navigate to Identity-Aware Proxy and check the permissions for these resources.
• C.Enable Audit Logs on the IAM & admin page for all resources, and validate the results.
• D.Use the command gcloud projects get-iam-policy to view the current role assignments.

Comment: *

Name: *

Email: *

Verification: *

Your company runs its Linux workloads on Compute Engine instances. Your company will be working with a new operations partner that does not use Google Accounts. You need to grant access to the instances to your operations partner so they can maintain the installed tooling. What should you do?

• A.Enable Cloud IAP for the Compute Engine instances, and add the operations partner as a Cloud IAP Tunnel User.
• B.Tag all the instances with the same network tag. Create a firewall rule in the VPC to grant TCP access on port 22 for traffic from the operations partner to instances with the network tag.
• C.Set up Cloud VPN between your Google Cloud VPC and the internal network of the operations partner.
• D.Ask the operations partner to generate SSH key pairs, and add the public keys to the VM instances.

Comment: *

Name: *

Email: *

Verification: *