PROFESSIONAL-CLOUD-SECURITY-ENGINEER · Question #229
PROFESSIONAL-CLOUD-SECURITY-ENGINEER Question #229: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to reveal the answer and full explanation for question #229. The question stem and answer options stay visible for context.
Question
Your organization is transitioning to Google Cloud. You want to ensure that only trusted container images are deployed on Google Kubernetes Engine (GKE) clusters in a project. The containers must be deployed from a centrally managed Container Registry and signed by a trusted authority. What should you do? (Choose two.)
Options
- AEnable Container Threat Detection in the Security Command Center (SCC) for the project.
- BConfigure the trusted image organization policy constraint for the project.
- CCreate a custom organization policy constraint to enforce Binary Authorization for Google
- DEnable PodSecurity standards, and set them to Restricted.
- EConfigure the Binary Authorization policy with respective attestations for the project.
Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-CLOUD-SECURITY-ENGINEER questions. Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.