Topic 1 Question 272

Professional Cloud Security Engineer

Topic 1 Question 272
You work for a global company. Due to compliance requirements, certain Compute Engine instances that reside within specific projects must be located exclusively in cloud regions within the European Union (EU). You need to ensure that existing non-compliant workloads are remediated and prevent future Compute Engine instances from being launched in restricted regions. What should you do?
- Use a third-party configuration management tool to monitor the location of Compute Engine instances. Automatically delete or migrate non-compliant instances, including existing deployments.
- Deploy a Security Command Center source to detect Compute Engine instances created outside the EU. Use a custom remediation function to automatically relocate the instances, run the function once a day.
- Use organization policy constraints in Resource Manager to enforce allowed regions for Compute Engine instance creation within specific projects.
- Set an organization policy that denies the creation of Compute Engine instances outside the EU. Apply the policy to the appropriate projects. Identify existing non-compliant instances and migrate the instances to compliant EU regions.
ユーザの投票
コメント(4)
- 正解だと思う選択肢: D
  I think it's D.
  
  👍 3
  yokoyan2024/09/05
- 正解だと思う選択肢: D
  https://cloud.google.com/resource-manager/docs/organization-policy/defining-locations-supported-services
  
  👍 1
  MoAk2024/11/27
- 正解だと思う選択肢: D
  https://cloud.google.com/resource-manager/docs/organization-policy/defining-locations-supported-services
  
  👍 1
  Zek2024/12/09
シャッフルモード

ユーザの投票

コメント(4)