Question-4: According to the curriculum for the certification test, this question was developed as a means of practicing with the Google Case Study: EHR Healthcare.
You are consulting a Google-provided security expert while working with the Cloud Security team and the general information Security team. You will need to describe the technological architecture in order to deploy workloads to Google Cloud in a safe manner. In addition to this, you need to make certain that the Google Cloud services are only used to install validated containers. What is it that you ought to do?(Choose two.)
A. Enable Binary Authorization on GKE, and sign containers as part of a CI/CD pipeline.
B. As part of a CI/CD pipeline, configure Jenkins to make use of Kritis so that a container can be cryptographically signed by Kritis.
C. Configure Container Registry to only allow trusted service accounts to create and deploy containers from the registry.
D. Configure Container Registry to use vulnerability scanning to confirm that there are no vulnerabilities before deploying the workload.
Correct Answer
Get All 340 Questions and Answer for Google Professional Cloud Architect
: 1, 3 Explanation:Binary Authorization to guarantee that only containers that have been confirmed are deployed. Automated scans for vulnerabilities in image containers using container analysis may help guarantee that deployments are both safe and consistent. Because the inquiry states that only verified containers may be installed using the Google Cloud service, choice two cannot be correct. Option 4 gives a check on the vulnerability of my code, indicating that it is not a problem but is beyond the scope of the problem. Binary authorisation and trusted service accounts provide a more suitable response to the demand.