All Coursera Quiz Answers

Security Best Practices in Google Cloud Coursera Quiz Answers

by Niyander

In this article i am gone to share Coursera Course: Security Best Practices in Google Cloud Coursera Quiz Answers with you..

Enrol Link:  Security Best Practices in Google Cloud

Security Best Practices in Google Cloud Coursera Quiz Answers

 

Securing Compute Engine: Techniques and Best Practices Quiz Answers

Question 1)
Which of the following TWO statements about Google Cloud service accounts are TRUE?

  • VMs without service accounts cannot run APIs.
  • Custom service accounts use “scopes” to control API access.
  • Virtual Machine (VM) instances use service accounts to run API requests on your behalf.
  • Service accounts are a type of identity.

Question 2)
Which TWO recommendations below ARE considered to be Compute Engine “best practices?”

  • Hardened custom images, once added to your Organization’s resources, are then maintained by Google with automatic security patches and other updates.
  • Always run critical VMs with default, scope-based service accounts.
  • Cloud Interconnect or Cloud VPN can be used to securely extend your data center network into Google Cloud projects.
  • Utilize projects and IAM roles to control access to your VMs.

Question 3)
Which TWO of the following statements is TRUE when discussing the Organization Policy Service?

  • Descendants of a targeted resource do not inherit the parent’s Organization Policy.
  • Organization Policy Services allow centralized control for how your organization’s resources can be used.
  • To define an Organization Policy, you will choose and then define a constraint against either a Google Cloud service or a group of Google Cloud services.

 

Module Quiz Answers

Question 1)
Which TWO of the following statements are TRUE when discussing Cloud Storage and IAM permissions?

  • Access can be granted to Cloud Storage at the organization, folder, project, or bucket levels.
  • Using deny rules prevent certain principals from using certain permissions, regardless of the roles they’re granted.
  • Using IAM permissions alone gives you control over your projects, buckets, and individual objects.
  • A user needs permission from both IAM or an ACL to access a bucket or object.

Question 2)
Which TWO of the following statements are TRUE when discussing storage and BigQuery best practices?

  • Do not use any personally identifiable information as object names.
  • One option to serve content securely to outside users is to use signed URLs.
  • In most cases, you should use Access Control Lists (ACLs) instead of IAM permissions.
  • BigQuery data can be adequately secured using the default basic roles available in Google Cloud.

Question 3)
Which TWO of the following statements is TRUE with regards to security in BigQuery and its datasets?

  • BigQuery has its own list of assignable IAM roles.
  • A BigQuery Authorized View allows administrators to restrict users to viewing only subsets of a dataset.
  • Using IAM, you can grant users granular permissions to BigQuery tables, rows and columns.
  • It is always better to assign BigQuery roles to individuals as this will help to lower operational overhead.

 

Application Security: Techniques and Best Practices Quiz Answers

Question 1)
Which TWO of the following statements about Application Security are TRUE?

  • Applications in general, including many web applications, do not properly protect sensitive user data.
  • Applications are the most common target of cyberattack.
  • “Injection Flaws” are the least frequently found application security issue.
  • Developers are commonly given a requirements document that clearly defines security requirements for the application.

Question 2)
Which TWO of the following vulnerabilities are scanned for when you use Web Security Scanner?

  • Mixed content.
  • Insecure logins.
  • User data in images.
  • Outdated or insecure libraries.
  • Personalized data in object names.

Question 3)
Which TWO of the following statements are TRUE when discussing the threat of OAuth and Identity Phishing?

  • Even small, unimportant pieces of personal data need to be secured from phishing attacks.
  • Look-alike phishing sites are generally pretty easy to spot.
  • Being “hacked” on a social site can lead to being “hacked” on more critical websites, depending on your social site’s account settings.
  • Credit card data is the only information that is useful to cyber hackers.

 

Securing Google Kubernetes Engine: Techniques and Best Practices Quiz Answers

Question 1)
“Kubernetes service account” and “Google service account” are different names for the same type of service account.

  • True
  • False

Question 2)
Which ONE of the following is NOT a security best practice on Kubernetes.

  • Use shielded GKE nodes.
  • Upgrade your GKE infrastructure.
  • Restrict access between pods.
  • Disable Workload Identity.

Question 3)
GKE has logging and monitoring functions built in.

  • True
  • False