Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Architect All Questions

View all questions & answers for the Professional Cloud Architect exam
Go to Exam

Exam Professional Cloud Architect topic 7 question 6 discussion

Actual exam question from Google's Professional Cloud Architect
Question #: 6
Topic #: 7
[All Professional Cloud Architect Questions]

Mountkirk Games wants you to secure the connectivity from the new gaming application platform to Google Cloud. You want to streamline the process and follow
Google-recommended practices. What should you do?

  • A. Configure Workload Identity and service accounts to be used by the application platform.
  • B. Use Kubernetes Secrets, which are obfuscated by default. Configure these Secrets to be used by the application platform.
  • C. Configure Kubernetes Secrets to store the secret, enable Application-Layer Secrets Encryption, and use Cloud Key Management Service (Cloud KMS) to manage the encryption keys. Configure these Secrets to be used by the application platform.
  • D. Configure HashiCorp Vault on Compute Engine, and use customer managed encryption keys and Cloud Key Management Service (Cloud KMS) to manage the encryption keys. Configure these Secrets to be used by the application platform.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by thunderpowerpaul at July 1, 2021, 6:49 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
muhasinem
Highly Voted 3 years, 4 months ago
A is correct . https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity Workload Identity is the recommended way to access Google Cloud services from applications running within GKE due to its improved security properties and manageability. For information about alternative ways to access Google Cloud APIs from GKE, refer to the alternatives section below.
upvoted 32 times
...
dhamo_555
Highly Voted 3 years, 3 months ago
A) - Because Mountkrik Game is going to use GKE clusters for its new deployment and so work load identity is the preferred way to connect the apps running on GKE
upvoted 11 times
...
Sephethus
Most Recent 5 months ago
This question is vague and confusing, I have no idea what it wants to secure exactly. If we're talking about secrets like api keys and tokens another things, I'd use secrets manager, but that's not a choice, if we're talking about service account access it's workload identity. None of this is specified and thus the question is unanswerable.
upvoted 1 times
...
thewalker
1 year ago
Selected Answer: A
A is the best option, as we know the work loads in Mountkirk. Read more what will be managed by GCP, if we go with Workload Identity: https://cloud.google.com/kubernetes-engine/docs/concepts/workload-identity#what_is
upvoted 2 times
...
omermahgoub
1 year, 11 months ago
The correct answer is: A. Configure Workload Identity and service accounts to be used by the application platform. Workload Identity is a feature of Google Cloud that allows you to map identities from your on-premises or Google Cloud identity provider to Google Cloud service accounts. By using Workload Identity, you can secure the connectivity of your application platform to Google Cloud by using the service accounts to authenticate and authorize access to Google Cloud resources. Service accounts are Google Cloud resources that represent non-human users that your application platform can use to authenticate and authorize access to Google Cloud resources. By using service accounts, you can secure the connectivity of your application platform to Google Cloud by controlling which resources the service accounts can access and what actions they can perform.
upvoted 4 times
omermahgoub
1 year, 11 months ago
To configure Workload Identity and service accounts, you will need to create a service account and bind it to the identity of your workload. You can then use the service account to authenticate to Google Cloud APIs and access the resources needed by your application platform. This will help to secure the connectivity from the platform to Google Cloud and streamline the process of managing access and permissions.
upvoted 2 times
...
...
megumin
2 years ago
Selected Answer: A
A is ok
upvoted 1 times
...
AzureDP900
2 years, 1 month ago
A is right
upvoted 1 times
...
muky31dec
2 years, 9 months ago
I answered A in real exam
upvoted 3 times
...
vincy2202
2 years, 11 months ago
Selected Answer: A
A is the correct answer https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity
upvoted 3 times
...
joe2211
3 years ago
Selected Answer: A
vote A
upvoted 2 times
...
MaxNRG
3 years, 1 month ago
A. Workload Identity is the recommended way to access Google Cloud services from applications running within GKE due to its improved security properties and manageability https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity
upvoted 1 times
...
Ari_GCP
3 years, 2 months ago
"Secure the connectivity" - gaming platform runs on GKE, and Workload Identity is the recommended way to connect to Google Cloud services from GKE. Hence A.
upvoted 2 times
...
PeppaPig
3 years, 3 months ago
A for sure if you are using GKE :)
upvoted 2 times
...
kopper2019
3 years, 4 months ago
hey guys new Qs posted as of July 12th, 2021, All 21 new Qs in Question #152
upvoted 3 times
...
victory108
3 years, 4 months ago
A. Configure Workload Identity and service accounts to be used by the application platform.
upvoted 2 times
...
kopper2019
3 years, 4 months ago
from my view looks like C
upvoted 1 times
...
MamthaSJ
3 years, 4 months ago
Answer is A
upvoted 4 times
...
Load full discussion...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel