A. Ensure that the app does not run as PID 1. B. Package a single app as a container. C. Remove any unnecessary tools not needed by the app. D. Use public container images as a base image for the app. E. Use many container image layers to hide sensitive information. Answer: BC Reference: Question: 76 A customer needs to launch a 3-tier internal web application on Google Cloud Platform (GCP). The customer’s internal compliance requirements dictate that end-user access may only be allowed if the traffic seems to originate from a specific known good CIDR. The customer accepts the risk that their application will only have SYN flood DDoS protection. They want to use GCP’s native SYN flood protection. Which product should be used to meet these requirements? A. Cloud Armor B. VPC Firewall Rules C. Cloud Identity and Access Management D. Cloud CDN Answer: A Reference: - capabilities Question: 77 Which two implied firewall rules are defined on a VPC network? (Choose two.) A. A rule that allows all outbound connections B. A rule that denies all inbound connections C. A rule that blocks all inbound port 25 connections D. A rule that blocks all outbound connections E. A rule that allows all inbound port 80 connections Answer: AB Reference: Question: 78 A customer needs an alternative to storing their plain text secrets in their source-code management (SCM) system.
You've reached the end of your free preview.
Want to read all 5 pages?
- Fall '20
- SYN flood